Splunk Specialist

We are seeking a skilled and experienced Splunk Engineer to join a dynamic IT team. As a Splunk Engineer, you will play a crucial role in maintaining and optimizing Splunk infrastructure to ensure the efficient collection, indexing, and analysis of machine-generated data. You will collaborate with cross-functional Security teams to implement and manage Splunk solutions that meet the organization’s operational and security needs.

The candidate must be a native of a NATO country, and hold a valid NATO Secret Clearance.

On-site set-up in Luxembourg (relocation required).

Key Responsibilities:

Splunk Infrastructure Management:

· Install, configure, and maintain Splunk components, including Splunk Enterprise, Splunk Universal Forwarder, and Splunk Heavy Forwarder.

· Monitor and optimize the performance of Splunk clusters to ensure efficient data processing and search capabilities.

· Troubleshoot and resolve issues related to Splunk infrastructure, ensuring high availability and reliability.

Data Ingestion and Parsing:

· Design and implement data ingestion strategies for various log sources into Splunk.

· Develop and maintain parsing configurations to normalize and enrich incoming data for effective analysis.

· Collaborate with application owners and IT teams to onboard new data sources into Splunk.

Search and Reporting:

· Create and optimize search queries and reports to extract valuable insights from the indexed data.

· Customize and implement Splunk dashboards for different stakeholders to visualize key performance indicators and security metrics.

Security and Compliance:

· Implement security best practices within Splunk to safeguard sensitive data.

· Collaborate with the security team to configure and monitor alerts for suspicious activities or security incidents.

· Ensure compliance with industry regulations and internal policies related to log management and data retention.

Automation and Scripting:

· Develop automation scripts using SPL (Search Processing Language) and other scripting languages to streamline administrative tasks.

· Continuously seek opportunities to improve efficiency through automation in Splunk processes.

Documentation and Training:

· Maintain thorough documentation of Splunk configurations, processes, and troubleshooting procedures.

· Provide training and support to other IT team members on Splunk best practices and usage.

Qualifications:

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • Proven experience as a Splunk Engineer in enterprise-level environments.
  • Some experience in network and application security; expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), and ASA VPN is an asset.
  • Strong knowledge of Splunk architecture, components, and best practices.
  • Proficient in SPL and scripting languages like Python or Bash.
  • Experience in designing and implementing data ingestion strategies.
  • Solid understanding of security principles and their application in Splunk.
  • Excellent problem-solving and troubleshooting skills, with the ability to work well under pressure.
  • Strong communication skills and the ability to collaborate with diverse teams.
  • A proactive approach to identifying and mitigating security vulnerabilities and risks.
  • Demonstrated ability to work in a fast-paced and dynamic environment.
  • Relevant certifications are a plus.
  • The candidate must be a native of a NATO country and hold a valid NATO Secret Clearance.
  • Language: Fluent in English.

Offer:

  • B2B contract with Shimi, long-term
  • 550 EUR/MD net
  • On-site set-up in Luxembourg (relocation required).

To apply for this job, visit shimi.recruitify.ai.
