Transition Lead with Splunk-US
Hello Professionals, We have urgent requirement for Transition Lead with Splunk. Please have a look at the below job description, if interested please share your updated resume, email me, [email protected] or share any References. Role: Transition Lead with Splunk Location: Preferred NJ, Charlotte NC (Need to travel 2-3 times in a month) Duration: 6+ Months Job Description: • Expertise in SIEM (Security Identity and Event Management) tools such as SplunkSecurity Operations Center (SOC) • Transition management of Security Operations Center (SOC) from current set up to the proposed new state (and define its roadmap, transition plan, actionable, responsibilities and project schedule) • As a Splunk Consultant, Candidate's role will involve evaluating and enhancing existing Splunk deployments for customers to ensure optimal performance, efficiency, and utilization of the Splunk platform. Candidate will be responsible for conducting thorough assessments of Splunk environments, identifying areas of improvement, and implementing strategies to enhance the overall effectiveness of the system. Requirements: • Expertise in SIEM (Security Identity and Event Management) tools such as Splunk • Transition management of Security Operations Center (SOC) from current set up to the proposed new state (and define its roadmap, transition plan, actionable, responsibilities and project schedule) • Proven experience (8-12 Years) in Splunk administration, optimization, and performance tuning in enterprise-level environments. • Deep understanding of Splunk architecture, configuration, and best practices for data ingestion, indexing, search, and storage. • Strong knowledge of Splunk search processing language (SPL) and experience in optimizing complex search queries. • Familiarity with Splunk data models, pivot, and visualization capabilities. • Good understanding of IT infrastructure components, including networking, systems, applications, and security. • Strong communication and interpersonal skills, with the ability to effectively communicate technical concepts to non-technical stakeholders. • Splunk certifications (e.g., Splunk Certified Architect, Splunk Certified Admin) are a plus. Responsibilities: • Splunk Environment Assessment: Evaluate existing Splunk deployments to identify areas of improvement, including data ingestion, indexing, search performance, storage utilization, and overall system health. Perform in-depth analysis and gather relevant metrics to assess the efficiency and effectiveness of the Splunk environment. • Performance Optimization: Analyze and optimize the search queries, data models, and indexing strategies to improve search performance and reduce response times. Fine-tune Splunk configurations and parameters to maximize resource utilization and minimize bottlenecks. • Data Onboarding and Integration: Review data sources and data ingestion processes to ensure efficient and accurate data collection. Advise on best practices for onboarding different data types, including logs, events, metrics, and external data sources. Optimize data parsing, normalization, and enrichment techniques. • Dashboard and Report Optimization: Evaluate existing dashboards, reports, and visualizations to enhance their usability, relevance, and performance. Collaborate with stakeholders to understand their reporting requirements and provide recommendations for improved data visualization and user experience. • Capacity Planning and Scalability: Assess current resource utilization and provide recommendations for scaling the Splunk infrastructure to accommodate future data growth. Analyze system capacity and design appropriate scaling strategies, including clustering, load balancing, and high availability configurations. • Documentation and Reporting: Prepare detailed reports and documentation summarizing the findings of the Splunk review and optimization process. Provide clear and concise recommendations for improvements, including step-by-step instructions and best practices. Apply tot his job