Splunk Admin

Role : Splunk Admin

Exp : 3 yrs – 8 yrs

Level : A & SA

Location Preference : Hyderabad

Notice Period : Immediate Joiners or short notice of 15-20 days max

Role Requirements

Splunk Proficiency - Proficient in Splunk's architecture, query language, and best practices, including monitoring, troubleshooting, and maintaining systems. Ability to identify and resolve issues, analyse complex problems, and understand system behaviour at scale.

Orchestration Tools - Puppet (preferred), or similar automation tools

Cloud & Operating system - AWS & Linux / Windows

Incident Handling - Assist in root cause analysis and change-related escalations

Process & Runbook Usage - Must follow documented change processes and control gates strictly

Communication – Good English verbal and written proficiency

Support Model – 24x7

Documentation - Update runbooks with rollback / validation steps; maintain versioned histories

Experience -

3–6 years in Splunk administration, engineering, or support

ServiceNow workflows

Splunk Search, Dashboards, ITSI (optional), troubleshooting, and maintaining systems

Familiar with working in a compliance-driven engagement model

Key Responsibilities :

Execute change requests as per Splunk TechOps runbooks and compliance standards.

Use ServiceNow workflows and IA tickets for tracking and executing changes.

Review and validate proposed Splunk configuration changes before implementation.

Develop and maintain Splunk runbooks.

Follow second-person review protocols and maintain documentation per guidelines.

Provide ad hoc reporting and support customer escalations or incident investigations.

Update and maintain supplier engineering runbooks with clear rollback instructions.

Track KPIs and SLAs including successful execution rates of approved changes.

Execute production-grade changes via ServiceNow

Preferred Certifications

Splunk Core Certified Admin / Power User

ITIL Foundation (for change process understanding)

Puppet / Ansible certification (desirable)