JUNIOR SPLUNK DEVELOPER

About The Position

Requirements

• Splunk Enterprise Certified Admin certification.
• 1-3 years of demonstrable experience in implementing or maintaining a Splunk environment.
• 1 year of demonstrable experience in building Splunk content (e.g., dashboards).
• Demonstrable basic familiarity with the Linux operating system and terminal.
• Excellent written and verbal communication ability, including presentation and briefing skills.
• Ability to quickly learn new concepts and think outside the box to leverage the Splunk platform.
• Proficiency in the Microsoft Office software suite.

Nice To Haves

• Advanced Splunk Certification(s) (e.g., Architect, Consultant, Developer).
• Experience building custom Splunk apps from scratch.
• Experience with complex data-transforming SPL.
• Experience in front-end web development utilizing JavaScript, REST APIs, HTML, CSS, etc.
• Experience in server-side scripting utilizing Python, Bash, or Powershell.
• Experience integrating two or more applications using app-proprietary methods and/or scripting.
• Experience in user interface design or graphic design and Adobe Photoshop (or similar).
• Experience with BYOC Splunk in AWS, including AWS-specific data sources like CloudWatch, CloudTrail, and Lambda outputs.
• Familiarity with Risk Management Framework, Governance, Risk, and Compliance, Assessment and Authorization, and Authority to Operate processes.

Responsibilities

• Maintaining and enhancing custom Splunk platform functionality, including dashboards, UI, data entry screens, backend data stores, scripts, integrations, and REST endpoints.
• Maintaining, troubleshooting, and adding new inputs, parsers, and filters for data ingestion from various enterprise application groups.
• Troubleshooting Universal Forwarder anomalies, data source inconsistencies, and log ingestion interruptions, identifying root causes and rectifying issues on the Splunk UF/HF/SH/IDX side.
• Tuning search head performance, SPL efficiency, and knowledge bundles.
• Performing other Splunk operations and maintenance duties at the application, server, and integration layers.
• Evaluating third-party apps and TAs to meet business needs.
• Updating custom apps to ensure continuity of functionality before Splunk upgrades.
• Managing Splunk users, roles, and capabilities (adding, removing, modifying).
• Tracking work activities and projects using status reports, tickets, Kanban boards, etc.
• Assisting other members of a multi-tool administration team with applications like Tenable, Fortify, Carbon Black, NetWitness, etc.
• Collaborating with project managers, product owners, application teams, cybersecurity personnel, and executives to inform business decisions and achieve strategic goals or sprint targets.