Splunk Engineer

Franklin, Wisconsin


MARS Solutions Group is looking for an experienced Splunk Engineer in Franklin, WI. Our client is a well-known financial services mutual organization seeking bright, tech-savvy talent. Join a strong, innovative, and growing team with impressive employee perks.

            
Description:            
The Splunk Enterprise Security Admin will perform enhancements, upgrades, and expansions to a large enterprise-scale Splunk Enterprise Security implementation in a Search Head Cluster. He or she will drive new technical integrations and best practices, assist with migration to the cloud, ensure robust searching and alerting across clusters, and troubleshoot issues as needed. The Splunk Enterprise Security Admin provides guidance and support to the Splunk Operations team and partners closely with the Security Content team, AWS Cloud team, Identity and Access Management, and the Splunk Development teams to enhance practices and ensure that Splunk is performing exceptionally well and reliably across the enterprise. 
 
Must-Have:  
• Manage and implement upgrades, enhancements, and expansions for Splunk Enterprise Security in a search head cluster environment
• Provide end-to-end technical oversight across security-relevant Splunk technology add-ons and knowledge objects
• Develop scripts (Python, JavaScript, etc.) as needed in support of data collection or integration
• Develop custom applications
• Ensure all data is CIM-compliant across data sources
• Knowledge of Splunk development, including scripting and API development
• Build custom integrations
• Experience with Index clustering
• Develop searches, reports and dashboards
• Manage access controls for the Enterprise security cluster
• Maintain documentation including Management Guides, Operation Plans, Workflows, Processes, and Continuity of Business Plans

Desired Characteristics:
• Experience as Splunk Enterprise Security Admin in an Enterprise-scale environment
• Experience with Splunk Cloud
• Proficient with automation tools – Chef, Ansible
• Experience with Agile Management Principles
• Experience with Version Control tools – Git, Bitbucket
• Expertise in Data Management and Enrichment
• Expertise in security data sources and use cases
• Knowledge of Data Analytics
• Ability to work independently as well as part of a team
• Highly analytical and detail-oriented, with strong problem-solving skills and a common-sense approach to resolving problems
• Excellent communication and relationship building skills

Qualifications/Requirements:
• Minimum 3 years’ experience configuring and managing Splunk
• 2+ years’ experience as Splunk Admin, Architect or security content developer
• Certified as either Splunk Admin or Power User  
 
Nice to haves:
• Deep CI/CD experience along with version control

About MARS Solutions Group:
MARS Solutions Group provides a range of opportunities for meaningful work by understanding that employment fit is a combination of people, process, and technology. We leverage our experienced and compassionate team to bring humanity to matching you with the right advanced technology role, and stay connected with you to help you attain your professional goals.