Splunk IT Service Intelligence Developer

Requirements :

- 4 - 5+ years of Splunk experience.

- Over all 7+ years of experience.

- 3 - 5+ years of Splunk IT Service Intelligence development experience mandatory. (ITSI)

- 4 - 8 years of overall industry experience as a technology practitioner (in IT Operations or Security).

- Successful enterprise level implementation of Splunk Cloud a plus.

- Experience in requirements gathering around the Splunk tool, documenting requirements, requirement analysis, product testing, etc.

Qualifications :

- Prior experience Splunk enterprise cloud support large enterprise (> 5000 servers)

- Experience developing Splunk ITSI glass tables, service trees, correlation searches, KPIs and notable event aggregation policies.

- Splunk Certification (or equivalent experience) Preferred

- Experience with enterprise-scale operations and maintenance environments

- Minimum 2+ years of experience with rule and advanced logic creation within Splunk.

- Cloud runtime services (e.g., AWS EC2, Lambda, CloudWatch, Azure compute, functions)

- Experience with enterprise-scale operations and maintenance environments

- Ability to interface well with end users.

- Strong Communication, Written, and Verbal skills.

Primary Responsibilities :

As a Splunk Engineer , you will be involved in the deployment or enhancement of Enterprise Infrastructure monitoring implementation of Splunks Cloud solutions that use big data to solve complex IT Operations challenges. Work includes :

- Engineer, configure, administer, and support enterprise observability solution, including both Splunk Cloud, Splunk ITSI and Splunk Infrastructure Monitoring Enterprise Edition.

- Develop ITSI glass tables, service trees, Entity design, KPIs and correlation searches.

- Development of front-end searches, dashboards, and reports that are used for ops Analysts and IT engineers for advanced threat detection. Front-end development includes writing queries with Splunks SPL (Search Processing Language).

- Perform root-cause analysis of any issues that arise post-implementation and work on solutions related to issue fixing.

- Create low-level design artifacts independently and high-level design artifacts with guidance and supports prototyping through the creation of POCs.

- Scaling will also include expansion of use cases and bringing new data sources into Splunk.

- Performing Splunk health checks, including review of existing deployment architecture and Splunk search performance. Making necessary recommendations and corrections for optimization of system and platform performance.

- Perform knowledge transfer to Ops Analysts and IT Engineers regarding Splunk use and performance.

- Partner with risk, compliance, and cybersecurity teams, to meet corporate log management and SIEM policies, requirements, and standards.

- Develop ingestion, onboarding and management efficiencies through automation and architectural enhancements.

- Develop, improve, and automate processes for log management.

- Design and implement dashboards and reports to meet business and user requirements.

- Partner with various user areas to understand their needs and facilitate the maturation of our log and SIEM posture.

- Maintain 24x7 uptime.

- Continually identify and evaluate opportunities to improve performance, availability, and stability