True Zero Technologies · 8 hours ago

Splunk Engineer - Consultant Certified /ES Accreditation Required (R-00029)

100% Remote

Full-time

Remote

Mid Level

Maximize your interview chances

Information ServicesInformation Technology

Insider Connection @True Zero Technologies

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Maintaining various client's Splunk instances with a heavy emphasis on data on-boarding, content development, reporting, and visualizations.

Designing and implementing ground up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.).

Maintaining and administering enterprise Splunk implementations.

Developing custom Splunk content including scheduled searches, reports, dashboards, etc.

Proficient at data on-boarding activities including custom parsing rules, custom Technology Add-On building according to Splunk's Common Information Model (CIM).

Configuring indexes, index routing, retention policies, etc.

Working in linux and windows environments, ability to configure: Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.), SELinux, Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.), File Permission Settings (linux/windows).

Managing expectations, and tracking engagement scope.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Splunk Core Consultant CertificationSplunk Enterprise Security AccreditationSplunk engineering experienceData onboardingCustom Splunk content developmentAdvanced Splunk configurationEnterprise Splunk administrationLinux environment experienceWindows environment experienceManage expectationsTrack engagement scopeLinux distrosFile Permission Settings

Required

Splunk Core Consultant Certification

Splunk Enterprise Security Accreditation required

Experience designing and implementing ground up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)

Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.

Experience maintaining and administering enterprise Splunk implementations.

Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.

Proficient at data on-boarding activities including custom parsing rules, custom Technology Add-On building according to Splunk's Common Information Model (CIM).

Experience configuring indexes, index routing, retention policies, etc.

Experience working in linux and windows environments, ability to configure: Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.)

SELinux

Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)

File Permission Settings (linux/windows)

Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.