Sr. Splunk Administrator

Sr. Splunk Administrator

Hartford, CT

Fulltime (Permanent)

Job Description:

Experience Required: 8–10 years

Core Skills:

• Splunk Administration & Architecture: Splunk admin, Splunk development, indexers, search heads, forwarders, deployment server, platform configuration.
• SPL & Data Engineering: SPL (Splunk Processing Language), complex query building, data parsing, transformations, indexing, data onboarding.
• Monitoring & Observability (SRE): system monitoring, log analysis, incident troubleshooting, root cause analysis, platform health checks.
• Dashboards & Reporting: dashboards, alerts, reports, visualization, real-time monitoring.
• Performance & Scalability: Splunk optimization, high availability, scalability design, capacity planning.
• Security & Access Control: RBAC (role-based access control), data security, Splunk security best practices.
• Scripting & Automation: Python, Bash, automation scripting.
• Cloud Platforms: AWS, Azure, GCP (cloud-based Splunk deployments).
• Splunk Advanced Modules: Splunk Enterprise Security (ES), IT Service Intelligence (ITSI).
• Collaboration & Documentation: cross-team coordination, documentation, operational procedures.

Key Responsibilities:

• Administer and maintain Splunk infrastructure (indexers, search heads, forwarders, deployment servers).
• Develop and optimize SPL queries, dashboards, reports, and alerts.
• Manage complete data onboarding lifecycle (inputs, parsing, transformation, indexing).
• Monitor platform health, performance, and proactively troubleshoot issues.
• Implement best practices for performance, scalability, and high availability.
• Enforce security controls including RBAC and data protection.
• Collaborate with application, infrastructure, and security teams for integrations.
• Maintain documentation for configurations, dashboards, and operations.