Splunk Administrator

Key Responsibilities

• Administer and support Splunk Enterprise and Splunk Cloud environments
• Manage Splunk architecture components including Heavy Forwarders, Universal Forwarders, and Deployment Server
• Configure and maintain data ingestion using HTTP Event Collector (HEC) and other ingestion methods
• Monitor system health, performance, and capacity to ensure platform reliability
• Support and maintain Splunk Technology Add-ons (TAs) for integrations such as Azure, Okta, and other cloud platforms
• Troubleshoot data ingestion, parsing, indexing, and search performance issues
• Collaborate with security and infrastructure teams to support operational and security analytics

Required Skills & Experience

• 3–5 years of hands-on Splunk administration in enterprise environments
• Strong experience with Splunk Cloud and on-prem Splunk architecture
• Expertise in managing:
  • Heavy Forwarders
  • Universal Forwarders
  • Deployment Server
• Hands-on experience with HTTP Event Collector (HEC)
• Experience supporting Splunk Technology Add-ons (e.g., Azure, Okta, cloud services)
• Strong troubleshooting skills for ingestion, indexing, and search-related issues

Preferred Skills

• Experience with Splunk Enterprise Security (ES) or ITSI
• Knowledge of scripting (Python, Bash, or PowerShell)
• Experience with cloud platforms (AWS, Azure, GCP)
• Knowledge of indexing strategies and performance tuning

Posted By