Title: Splunk Administrator
Location: Raleigh, NC
Status: Green Card/US Citizen
Clearance: Ability to obtain Public Trust
Candidate will configure and manage Splunk servers, specifically configuring data inputs and data routing, user accounts and data management policy, as well as performing basic troubleshooting and monitoring.
-Experience with implementing and administering Splunk.
-Experience with Linux and Windows agents for Splunk administration with a solid understanding of the Splunk system; understands paging and swapping, inter-process communication, devices and what device drivers do. Ability to create operations documentation for maintaining the Splunk infrastructure.
-Ability to automate processes.
-Familiarity with fundamental networking/distributed computing environment concepts; can configure NFS and LDAP
-Understands basic routing concepts.
-Strong knowledge of system, database and network security
-Very strong analysis/troubleshooting skills
-Experience with evaluating and/or recommending hardware purchases
-Good communication skills
Technically what is expected:
- Monitor - CPU, DISK, and Memory
- Monitor - access, authorization and other applicable monitoring logs
- Security Events - to be monitored and alerted against
1. Account locked, disabled, enabled, multiple failed logons (more than 3 in 3 mins per user)
2. Groups - Sensitive group membership change - Admin users group adds/removes
3. Viruses - Alert if any virus is detected in any of the systems - Send email alerts
- Ensure OS is generating the right level of logs to be harvested by Splunk
- Granular, Role-based Security
- Restrict access to sensitive production servers.
Opportunity Employer M/F/D/V