
Full-time Splunk L3 Consultant

at c2csaini in Texas


Splunk L3 Consultant

Location : Frisco, TX

Passed Trainings/Certification level:


Splunk Enterprise Data Administration is a must
Splunk System Administration is a must
Splunk architect training or certification
Splunk Troubleshooting
Administering Splunk Enterprise Security

Job Description:

Your responsibility will be to get all the agreed data from the different
technologies and applications in scope, and to make sure the data is received by
our SIEM solution or core Splunk with all important attributes.

Excellent communication skills are mandatory for this type of task, as a lot
of engagement with internal customers happens on a daily basis. You will be
responsible for data mapping according to the CIM, data masking, knowledge
objects, fine-tuning queries, creating reports, dashboards, saved searches and
alerts, troubleshooting Splunk, upgrading Splunk, and maintaining clusters
(search head cluster, indexer cluster).

 

Essential Knowledge, Skills and Experience


Experience with and good understanding of regex and how it works in Splunk
Understanding of CIM is a must
Experience of mapping data to CIM data models, normalizing data, etc.
Good hands-on experience with Splunk knowledge objects such as lookups, field
extractions, field aliases, tags, etc.
Experience of working with props.conf and transforms.conf files
Understanding of Splunk architecture components, including search head
clustering, indexer clustering, deployment server and monitoring console
Understanding of configuration files and the relationship between GUI
configuration and its impact on backend configuration files
Good understanding of how conf file precedence order works
Experience of different techniques to onboard data into Splunk, such as
agent-based or agentless inputs
Understanding of the difference between universal forwarders and heavy forwarders
Understanding of SPL is a benefit
Understanding of error messages and logs displayed by various software
Ability to troubleshoot, diagnose and solve issues independently
Self-learner, with the ability to document learning as experience is gained
Understanding of network protocols and topologies
Strong technical troubleshooting and analytical skills
Experience with platform and application automated deployment and version
control software (e.g. Ansible, Git, Bitbucket)
Ability to fix any platform-related issues independently
Ability to keep the platform stable and avoid any downtime
Understanding of device and security logs, and the ability to extract data from
logs using regular expressions
Excellent understanding of the security incident detection and remediation
workflow
Hands-on experience in writing custom scripts for task automation
Knowledge of the MITRE ATT&CK framework is a plus
Ability to prioritise workload
Excellent written and spoken English
Calm and logical approach


Published at 27-03-2021