Splunk Administrator

Splunk Administrator

Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
Canada – Toronto, Ottawa, Mississauga

The Splunk Administrator is responsible for supporting and maintaining the company Splunk Cloud environment and associated log ingestion components. This role ensures reliable data collection across diverse sources, monitors platform health and capacity, and performs ongoing administration, updates, and configuration to support security operations and analytics.

Monitor log ingestion volumes and platform health using custom searches and Splunkbase tools.Ensure reliable log delivery and troubleshoot ingestion interruptions across supported sources.Administer intermediate log collection components, including Logstash, syslog, Heavy Forwarders, and related services.Manage Splunk application configurations on Universal Forwarders using the Splunk Deployment Server.Perform Universal Forwarder upgrades and maintenance to address security, stability, and version requirements.Manage and update Splunk applications within the Splunk Cloud environment.Collaborate with security and infrastructure teams to support onboarding of new log sources.Document configurations, procedures, and troubleshooting steps for operational use.

Hands‑on experience administering: 3–5 years of hands‑on experience administering Splunk in an enterprise environment.Splunk Cloud and on‑prem Splunk infrastructure, including Heavy Forwarders, Deployment Server, and Universal Forwarders.HTTP Event Collector (HEC).Common Splunk Technology Add‑ons (TAs), including Azure, Okta, and other cloud services.Splunk data models and data normalization practices.Splunk features such as alert actions, SAML‑based authentication, KV store, and lookups.Splunk role‑based access controls and permission models.Data management features including DDAS and reindexing processes. Familiarity with: Azure Event Hubs, Kafka, Log Analytics Workspaces, and cloud‑based logging pipelines.Windows Event Collection (WEC) and Windows Event Forwarding (WEF).

Ability to create clear, concise technical documentation for both technical and non‑technical audiences.Strong analytical and troubleshooting skills with the ability to work independently.Effective time and priority management in a multi‑task operational environment.Strong written and verbal communication skills.

Bachelor’s degree in Information Technology, Computer Science, or a related field, or equivalent professional experience.