Splunk Administrator

Role Overview:


We’re looking for a skilled Splunk Administrator with extensive experience in Splunk Enterprise implementation to join our Beyon Cyber team. You will be responsible for addressing and resolving all app/add-on-related challenges, regularly updating the ES content app across all customer environments, and supporting customers in meeting their audit requirements.



Main Responsibilities:


Splunk Enterprise Installation & Configuration:

  • Lead the installation, configuration, and maintenance of Splunk Enterprise across various environments.
  • Optimize Splunk performance, including data indexing, search efficiency, and storage management.
  • Manage Splunk licenses and ensure compliance with licensing agreements.



Syslog-ng Configuration & Fine-Tuning:

  • Configure and fine-tune syslog-ng to ensure accurate and efficient log data ingestion into Splunk.
  • Monitor and troubleshoot syslog-ng issues to ensure continuous log flow.
  • Implement best practices for syslog-ng configuration to enhance log data integrity and availability.



Log Source Onboarding & Validation:

  • Lead the onboarding of new log sources, ensuring they are correctly ingested and indexed within Splunk.
  • Validate and verify the accuracy and completeness of log data from various sources.
  • Develop and maintain documentation for log source onboarding processes and procedures.



Implementation of Apps & Add-ons:

  • Install, configure, and manage Splunk apps and add-ons to extend the platform's functionality.
  • Customize and tailor Splunk apps to meet specific customer needs and environments.
  • Regularly update the ES (Enterprise Security) content app across all customer environments, ensuring the latest threat intelligence and security frameworks are applied.



Customer Support & Troubleshooting:

  • Collaborate closely with customers to understand their specific needs and ensure that Splunk configurations align with their objectives.
  • Address and resolve app/add-on-related challenges within all customer environments.
  • Provide expert troubleshooting for log source issues, ensuring rapid resolution of any data ingestion or processing problems.
  • Support customers in meeting their audit requirements by providing timely and accurate log data and reporting.
  • Proactively identify opportunities for improvement in customers' Splunk environments and suggest enhancements.



Documentation & Reporting:

  • Maintain detailed and up-to-date documentation for all Splunk-related processes, configurations, and troubleshooting procedures.
  • Generate regular reports on Splunk performance, data ingestion, and app/add-on utilization.
  • Document customer interactions and support provided, ensuring clear records of all activities.



Qualifications:


  • A minimum of 5 years of experience in Splunk is required
  • Strong understanding of essential cyber security concepts
  • Proficiency in LogRhythm, Microsoft Sentinel, and SIEM implementation and administration is a plus
  • Must be able to speak and write fluently in English
  • Must be willing to relocate to Bahrain

Post date: 7 September 2024
Publisher: LinkedIn