Splunk Administrator
Job Summary:
We are seeking a skilled Splunk Administrator to manage and maintain our Splunk infrastructure. The ideal candidate will have hands-on experience in deploying, configuring, and optimizing Splunk environments to support data analysis, monitoring, and security operations. This role requires strong technical expertise, attention to detail, and the ability to troubleshoot and resolve issues efficiently.
Key Responsibilities:
- Splunk Infrastructure Management:
  - Deploy, configure, and maintain Splunk components (e.g., Search Heads, Indexers, Forwarders, Deployment Server).
  - Monitor and optimize Splunk infrastructure for performance, scalability, and high availability.
  - Perform regular upgrades, patches, and troubleshooting to ensure system stability.
- Data Onboarding and Configuration:
  - Onboard data from various sources (e.g., logs, metrics, events) into Splunk.
  - Develop and maintain data parsing, normalization, and enrichment using Splunk configurations.
  - Create and manage data inputs, indexes, and field extractions.
- User Management and Support:
  - Manage user roles, permissions, and access controls within Splunk.
  - Provide technical support to end-users, resolving issues related to Splunk functionality.
  - Conduct training sessions and create user guides to improve system adoption and efficiency.
- Dashboards and Reporting:
  - Design and develop custom Splunk dashboards, reports, and alerts to meet business requirements.
  - Use Splunk’s Search Processing Language (SPL) to create complex queries and visualizations.
  - Provide actionable insights to stakeholders through data analysis and visualization.
- Security and Compliance:
  - Implement and enforce security policies to protect Splunk environments and data.
  - Monitor and analyze security events, logs, and alerts to identify potential threats.
  - Ensure compliance with industry standards and regulations (e.g., GDPR, HIPAA, PCI-DSS).
- Integration and Automation:
  - Configure and manage integrations between Splunk and other systems (e.g., SIEM, ITSM, cloud platforms).
  - Develop and maintain automated workflows and scripts to streamline data collection and analysis.
  - Troubleshoot and resolve integration issues.
- Documentation and Best Practices:
  - Maintain detailed documentation of Splunk configurations, processes, and procedures.
  - Develop and update disaster recovery and business continuity plans for Splunk environments.
  - Stay updated on Splunk best practices, new features, and industry trends.
Qualifications:
- Education: Bachelor’s degree in Computer Science, Information Technology, or a related field.
- Experience:
  - 3+ years of experience as a Splunk Administrator or in a similar role.
  - Hands-on experience with Splunk Enterprise and Splunk Cloud.
  - Familiarity with Splunk Enterprise Security (ES) and IT Service Intelligence (ITSI) is a plus.
  - Experience with data onboarding, parsing, and normalization.
- Technical Skills:
  - Proficiency in Splunk Search Processing Language (SPL).
  - Knowledge of Splunk architecture and components (e.g., Indexers, Search Heads, Forwarders).
  - Familiarity with scripting languages (e.g., Python, Bash) for automation.
  - Understanding of security and compliance requirements.
- Certifications (Preferred):
  - Splunk Certified Administrator.
  - Splunk Certified Power User.
  - Splunk Certified Enterprise Security Admin.
- Soft Skills:
  - Strong analytical and problem-solving skills.
  - Excellent communication and interpersonal abilities.
  - Ability to work independently and as part of a team.
Work Environment:
- Location: Dubai, United Arab Emirates
- Travel: Relocation to Dubai is required.
Why Join Us?
- Opportunity to work with cutting-edge Splunk technologies.
- Collaborative and innovative work environment.
- Competitive salary and benefits package.
- Professional growth and development opportunities.
If you are passionate about Splunk and have a proven track record in system administration, we encourage you to apply and become a key player in our team!