Splunk Cloud Architect (Azure Environment)
- Remote
- Houston, Texas, United States
- Information Security
Job description
We are seeking a highly motivated Splunk Cloud Architect to design, implement, and manage a comprehensive Splunk solution within our Microsoft Azure environment. You will be responsible for the entire Splunk lifecycle, from ingestion of data from various sources to building insightful dashboards and reports. This role requires a deep understanding of Splunk Cloud, Azure integration, and experience working with diverse data sources.
Job requirements
Responsibilities:
- Design and implement a Splunk Cloud solution on Microsoft Azure for ingesting, indexing, and analyzing data from various sources, including:
- Cloud Providers: AWS, Azure (including Azure Monitor logs), GCP
- On-premise Systems: Apache, Tomcat, and other potential sources
- Configure data inputs, filters, transforms, and searches to extract valuable insights from the ingested data.
- Develop custom dashboards and reports to visualize key metrics and trends for different stakeholders within the organization.
- Establish and maintain alerting rules to proactively identify and notify relevant personnel of security threats or operational issues.
- Optimize Splunk performance by tuning indexes, searches, and reports for efficiency.
- Ensure the ongoing health and security of the Splunk environment through regular monitoring and patching.
- Collaborate with IT and security teams to integrate Splunk with existing security information and event management (SIEM) solutions.
- Document Splunk configurations, processes, and procedures for future reference and knowledge transfer.
Qualifications:
- Proven experience designing and implementing Splunk Cloud solutions (Splunk Cloud Admin or equivalent experience preferred)
- In-depth knowledge of Splunk Search Processing Language (SPL)
- Experience with data ingestion from various sources, including cloud platforms and on-premise systems
- Familiarity with Microsoft Azure and its integration with Splunk Cloud
- Understanding of security concepts and SIEM principles (a plus)
- Excellent analytical and problem-solving skills
- Strong communication and collaboration skills
- Ability to work independently and manage multiple projects simultaneously
Bonus Points:
- Experience with Splunk App development
- Experience with automation tools like scripting languages (Python, Bash)
- Certifications: Splunk Certified Admin, Splunk Certified Architect
or
All done!
Your application has been successfully submitted!