[Immediate Start] Splunk Admin

Job Summary :

We are looking for a skilled Splunk Administrator with hands-on experience in deploying and managing Splunk Enterprise and Splunk Cloud. The ideal candidate should have experience in Splunk Enterprise Security (ES), Splunk UBA, and IT Service Intelligence (ITSI). This role requires strong technical skills, along with the ability to communicate effectively with customers.

Key Responsibilities :

Splunk Deployment & Administration :

Install, configure, and manage Splunk Enterprise and Splunk Cloud.

Handle indexers, search heads, forwarders, and clustering.

Optimize Splunk performance, storage, and scalability.

Security & Splunk Monitoring Solutions :

Implement and manage Splunk Enterprise Security (ES), Splunk UBA, and ITSI.

Configure correlation searches, threat intelligence feeds, risk-based alerting (RBA), and dashboards.

Troubleshoot security-related issues within Splunk.

Customer Interaction & Troubleshooting :

Engage with customers to understand their requirements and provide technical guidance.

Troubleshoot and resolve Splunk-related issues, logs ingestion, parsing, and data onboarding.

Splunk Architecture & Implementation :

Design, deploy, and optimize Splunk Enterprise and Splunk Cloud environments.

Lead end-to-end Splunk implementations, migrations, and upgrades.

Manage search head clustering, indexer clustering, and data retention policies.

Security & Observability Solutions :

Architect and configure Splunk Enterprise Security (ES), Splunk UBA, and ITSI.

Implement risk-based alerting (RBA), custom correlation searches, and advanced analytics.

Integrate Splunk with SOAR, cloud platforms (AWS, Azure, GCP), and third-party security tools.

Team Leadership & Customer Engagement :

Lead and mentor a team of Splunk Administrators & Engineers.

Interact with customers to gather requirements, design solutions, and conduct workshops etc.

Review and improve Splunk use cases, dashboards, and data models.

Optimization & Automation :

Develop custom scripts (Python, Bash, PowerShell) for automation and orchestration.

Tune Splunk performance, search queries, and indexing strategies.

Implement best practices for data onboarding, parsing, and CIM compliance.

Must-Have Skills :

3+ years of hands-on Splunk experience, including Enterprise Security, UBA, and ITSI.

Strong expertise in Splunk architecture, data ingestion, parsing, and CIM mapping.

Deep understanding of SIEM, threat intelligence, and security analytics.

Proven ability to lead technical teams and drive complex Splunk deployments.

Strong communication skills – ability to present and explain Splunk solutions, Technical Terms to customers.

Splunk Certifications (Splunk Architect, Splunk ES Admin, Splunk Core Consultant, ITSI Certified Admin).

Exposure to machine learning models, anomaly detection, and advanced analytics in Splunk.

Interested can share their updated resume to gayathri.ramaraj@locuz.com along with the below mentioned details.

Current CTC : Expected CTC :

Notice Period :

Preferred Job Location :