HCL Technologies

Administrator (Support & Operations)

Role: Operations
Level: Mid Level
Location: Bengaluru, India
Work: On-site
Type: Full-time
Posted: 1 week ago

About the role

Job Summary

Manage SIEM Solution and Supporting Unit for HCL and its global customers

Overall 7+ years of work experience, with a minimum of 4 years of relevant experience in Splunk (Splunk Cloud/on-prem Enterprise and ES).

Key Responsibilities

  1. To adhere to quality standards, regulatory requirements and company policies.

  2. To provide support for on-call escalations and perform root cause analysis of the given issue.

  3. To work on value-adding activities such as knowledge base update and management, training freshers, and coaching analysts.

  4. To independently resolve tickets within agreed SLA of ticket volume and time.

  5. To ensure positive customer experience and CSAT through First Call Resolution and minimal rejected resolutions / reopened cases.

Skill Requirements

  • Certifications (must): 1) Splunk Power User 2) Splunk Advanced Power User 3) Splunk Admin
  • Certifications (optional): 1) Splunk Architect 2) Splunk Consultant 3) Splunk SOAR 4) Splunk ES Admin 5) Splunk Cloud Admin

Responsibilities/Expected experience on

  • Resources should have extensive experience of data onboarding from different data sources like network devices, IDS/IPS logs, threat intel, infrastructure logs (Windows, Linux), application logs, cloud-based applications, SaaS-based applications, database logs (SQL, Oracle etc.), proxy/web server logs, LDAP/AD, DNS logs etc.
  • Worked on log aggregation tools like Syslog-ng, rsyslog, HAProxy, Nginx etc.
  • Cloud ingestion
  • Using Splunk forwarders, API, Scripted, HEC, and Applications
  • Forwarder management
  • Manipulating raw data
  • Installing and managing applications
  • Experience on Splunk apps/add-ons, and how these can be used to onboard data or for CIM compatibility
  • Experience/understanding of Splunk knowledge objects (advanced lookups, macros, field extractions, advanced alerts, reports/dashboards, tags, data models, event types etc.)
  • Experience on Splunk advanced dashboard creation using JavaScript/CSS/HTML
  • Experience on troubleshooting all components and their functionality
  • Experience on summary index/data models/reports and their acceleration
  • Comfortable writing advanced regular expressions or modifying/tuning existing regex
  • Experience on troubleshooting dashboards/alerts/reports
  • Experience on data masking, data parsing, data trimming, data filtration
  • Experience on identifying data issues like timestamp issues, line break issues, search-time field extraction, index-time field extraction
  • Should have und

Other Requirements

Educational Qualification: Bachelor's degree or above in Computer Science, Information Technology, MIS, or Engineering

Required skills

  • IT Operations
  • Support
  • Incident Management
  • Documentation

About HCL Technologies

Headquarters: Bengaluru