Splunk Admin (InfoSec)
Ampcus Incorporated
US
Job highlights
Qualification
At least five (5) years of experience with Splunk in distributed deployments and at least one (1) year of experience with Splunk Cloud environments. Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope. Proficiency in utilizing data on boarded by Splunk-developed add-ons (e.g. Windows, Linux, and common third-party devices and applications). Proficient in regular expressions. Must be able to effectively collaborate and work with others in a remote work environment. Current Splunk Enterprise Security Certified Admin certification
Job Description
Description
Required Current Splunk Enterprise Certified Admin certification At least five (5) years of experience with Splunk in distributed deployments and at least one (1) year of experience with Splunk Cloud environments Experience with Splunk Enterprise Security Excellent written and oral skills, ability to work closely with multiple customers, manage expectations and track engagement scope Experience with Splunk Enterprise Security or integration with other Security Information and Event Management (SIEM) platforms Proficient at search time activities including parsing and normalizing events to the Splunk Common Information Model (CIM) Proficiency in utilizing data on boarded by Splunk-developed add-ons (e.g. Windows, Linux, and common third-party devices and applications) Proficient in regular expressions Must be able to effectively collaborate and work with others in a remote work environment Preferred Current Splunk Enterprise Security Certified Admin certification Knowledge of JIRA and Confluence