Full-time Splunk L3 Consultant

at c2csaini in Texas


Splunk L3 Consultant

Location: Frisco, TX

Passed Trainings/Certification level:


Splunk Enterprise Data Administration is a must
Splunk System Administration is a must
Splunk architect training or certification
Splunk Troubleshooting
Administering Splunk Enterprise Security

Job Description:

Your responsibility will be to get all the agreed data from the different
technologies and applications in scope, and to make sure the data is received
by our SIEM solution or core Splunk with all important attributes.

Excellent communication skills are mandatory for this type of task, as a lot
of engagement with internal customers happens on a daily basis. You will be
responsible for mapping data according to the CIM, data masking, knowledge
objects, fine-tuning queries, creating reports, dashboards, saved searches and
alerts, troubleshooting Splunk, upgrading Splunk, and maintaining clusters
(search head cluster, indexer cluster).

 

Essential Knowledge, Skills and Experience


Experience with and a good understanding of regex and how it works in Splunk
Understanding of CIM is a must
Experience mapping data to CIM data models, normalizing data, etc.
Good hands-on experience with Splunk knowledge objects such as lookups, field extractions, field aliases, tags, etc.
Experience working with props and transforms .conf files
Understanding of Splunk architecture components, including search head clustering, indexer clustering, deployment server and monitoring console
Understanding of configuration files and how GUI configuration relates to and impacts the backend configuration files
Good understanding of how conf file precedence order works
Experience with different techniques for onboarding data into Splunk, such as agent-based or agentless inputs
Understanding of the difference between Universal Forwarders and Heavy Forwarders
Understanding of SPL is a benefit
Understanding of error messages and logs displayed by various software
Ability to troubleshoot, diagnose and solve issues independently
Self-learner, with the ability to document learning as experience is gained
Understanding of network protocols and topologies
Strong technical troubleshooting and analytical skills
Experience with automated platform and application deployment and version control software (e.g. Ansible, Git, Bitbucket)
Fix any platform-related issues independently
Make sure the platform is stable and avoid any downtime
Understanding of device and security logs, and ability to extract data from logs using regular expressions
Excellent understanding of the security incident detection and remediation workflow
Hands-on experience writing custom scripts for task automation
Knowledge of the MITRE ATT&CK framework is a plus
Ability to prioritise workload
Excellent written and spoken English
Calm and logical approach


Published at 27-03-2021