Splunk Admin

Job Summary

As a Mid-Level Cyber Security Splunk Administrator, you will manage and optimize our Splunk SIEM environment to support security operations, data onboarding, use case development, and performance tuning. You will collaborate with security, infrastructure, and DevOps teams to ensure the Splunk platform effectively supports threat detection, alerting, and operational insights.

Key Responsibilities

• Administer, monitor, and maintain Splunk Enterprise/Splunk Cloud environments, including indexers, search heads, and forwarders.
• Onboard and normalize security and system logs, ensuring accurate parsing, field extractions, and CIM compliance.
• Create and tune dashboards, alerts, reports, and analytics that support security operations and incident response.
• Monitor and troubleshoot Splunk health, performance, and data ingestion issues; perform root cause analysis and resolution.
• Use SPL (Search Proc...