Splunk Developer

- Prior experience Splunk enterprise cloud support large enterprise - Experience developing Splunk ITSI glass tables, service trees, correlation searches, KPI’s and notable event aggregation policies. - Splunk Administrator Certification (or equivalent experience) – Preferred - Experience with enterprise-scale operations and maintenance environments - Minimum 2+ years of experience with rule and advanced logic creation within SPLUNK - Cloud runtime services (e.g., AWS EC2, Lambda, CloudWatch, Azure compute, functions) - Experience with enterprise-scale operations and maintenance environments - Ability to interface well with end users. - Strong Communication, Written, and Verbal skills. Primary Responsibilities: - Engineer, configure, administer, and support enterprise observability solution, including both Splunk Cloud, Splunk ITSI and Splunk Infrastructure Monitoring Enterprise Edition. - Develop ITSI glass tables, service trees, Entity design, KPI’s and correlation searches. - Development of front-end searches, dashboards, and reports that are used for ops Analysts and IT engineers for advanced threat detection. Front-end development includes writing queries with Splunk’s SPL (Search Processing Language). - Perform root-cause analysis of any issues that arise post-implementation and work on solutions related to issue fixing. - Create low-level design artifacts independently and high-level design artifacts with guidance and supports prototyping through the creation of POCs. - Scaling will also include expansion of use cases and bringing new data sources into Splunk. - Performing Splunk health checks, including review of existing deployment architecture and Splunk search performance. Making necessary recommendations and corrections for optimization of system and platform performance. - Perform knowledge transfer to Ops Analysts and IT Engineers regarding Splunk use and performance. - Partner with risk, compliance, and cybersecurity teams, to meet corporate log management and SIEM policies, requirements, and standards. - Develop ingestion, onboarding and management efficiencies through automation and architectural enhancements. - Develop, improve, and automate processes for log management. - Design and implement dashboards and reports to meet business and user requirements. - Partner with various user areas to understand their needs and facilitate the maturation of our log and SIEM posture. - Maintain 24x7 uptime. - Continually identify and evaluate opportunities to improve performance, availability, and stability