Listing Description
Remote 4 days/week, on-site 1 day/week Rosemead, CA
Job Description:
- Oversees Splunk Enterprise infrastructure and tunes Splunk for optimal onboarding of data, performance, and capacity management; identifies gaps and areas of duplication; provides recommendations for optimization
- Ensures Splunk is monitored, and effective alerting is in place to meet SLAs and required visibility
- Manages upgrades and patching of platform
- Ensures our logging environment provides for effective threat detection and response in direct partnership with information security teams
- Interacts with internal/external customers to gather requirements, perform troubleshooting and aid with the creation of Splunk search queries. Designs and develops reports and dashboards in Splunk. Diagnoses, solves, and implements needed solutions for a complex environment.
- Creates documentation for any addition or change to our environment. Reviews and updates it on a regular basis to ensure accuracy.
- Ensures the security tools are supporting all compliance efforts in collaboration with auditors
- Provides metrics for platform performance, capacity, and user management
- Assists with compliance questionnaires as needed
- Collaborates with the Security team in security incident resolution and risk evaluations
- Sets and supports best practices for end users and company standards. Stays current on the latest industry technologies, trends, and strategies
Skills Needed
· 2 years of progressive Splunk administration, Splunk architect and/or logging experience in a multisite environment is necessary
· Experience or familiarity with scripting languages, specifically Python
· Practical experience with major components of Splunk Enterprise, including data ingestion pipelines, and SPL
· Perl / Linux shell scripting / regex experience will be a plus
· Familiarity with Ansible and Git
· Solid Linux and Windows foundation with an emphasis on the Unix/Linux CLI
· Demonstrated proficiency with the full Splunk lifecycle, including all major components for an enterprise deployment.
· Must have a solid foundation in Linux and the competence to troubleshoot various aspects of the integration, including operating system, application, and networking components as they relate to both Splunk and syslog implementations
· Ability to handle large projects as well as take care of day-to-day operations
· Ability to follow change and configuration management
· Strong problem-solving skills and ability to work under pressure
· Experience working with Unix and Linux operating systems, specifically troubleshooting the Splunk application and log ingestion
· Integrating Splunk with data sources and understanding of Splunk search language
· Experience in documenting requirements, configurations and changes as needed
Listing Details
- Salary: $140,000 - $162,000
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: Hybrid Telecommute