Splunk Architect
Company: Aditi Consulting
Location: Raleigh
Posted on: April 18, 2025
Job Description:
Salary: $125k - $130k/Annually
Read all the information about this opportunity carefully, then use
the application button below to send your CV and application.
Responsibilities:
Administer the Splunk-based log management system and analyze the
current logging capabilities
Ensure the company Information Security systems administered by the
Team are sending all required logs to the log management system
Maintain the Log Management and Security Information and Event
Management (SIEM) system to collect and aggregate IDS/IPS data from
network sensors, raw data from collection agents, firewalls
(including but not limited to Layer 7 Application Firewalls), proxy
servers, DLP, antivirus/endpoint protection software, and
vulnerability scanner elements, and other important systems
Tune the SIEM and IDS/Intrusion Prevention System (IPS) events to
minimize false positives
Generate vulnerability tickets in Jira and ServiceNow for
vulnerability remediation
Tune the capabilities as practicable to improve efficiency and
ensure that reporting capabilities of the log management system are
working properly
Validate that company-GTTS log retention requirements are
configured properly within the company-GTTS log management
system
Identify shortfalls in the current capability and identify systems
that are not sending logs to the company-GTTS log management
system
Work in conjunction with GTTS-SOC to develop required dashboards
and Splunk Playbook
Recommend improvements to current processes
Provide technical guidance to administrators of other IT systems to
ensure their logs are sent to the company-GTTS's log management
system
Configure company-GTTS's log management system role-based access
controls so that logs for specific systems can only be accessed by
designated administrators
Integrate Qmulos within Splunk log and manage compliance within
Qmulos
Configure Splunk User Behavior Analytics working with the Security
team.
Working with the security team, develop Security Orchestration,
Automation and Response (SOAR) strategies.
Must have skills for this role:
Required Qualifications:
7 years of experience with Splunk
Minimum 10 years of relevant experience
Must have Splunk Architect Certification
Experience in architecture, design, support, maintenance, and
expansion of an enterprise log management/SIEM infrastructure in a
highly resilient configuration
Experience in monitoring an enterprise log management/SIEM server
and agent infrastructure for capacity planning and system
optimization
Experience in deployment, configuration, and maintenance of log
forwarder agents across a variety of UNIX and Windows platforms
Experience in collaboration with a variety of IT stakeholders in
design and maintenance of production-quality log management/SIEM
reports and dashboards to support data analysis and
visualization
Experience in creation and maintenance of documentation related to
log management/SIEM infrastructure configuration and operational
processes
Advanced system administration skills with Linux operating
systems
Knowledge of regular expressions, scripting, and application
development languages (e.g., Python, Perl, JavaScript, Linux shell
scripting)
Understanding of security best practices
Experience with cloud platforms (e.g., AWS, Azure) and Splunk
Cloud
Knowledge of cybersecurity principles and experience in security
operations.
Preferred Qualifications:
Experience with security incident response and vulnerability
management
Experience migrating from on-premises Splunk to Splunk Cloud
Pay Transparency: The typical base pay for this role across the
U.S. is: $125k - $130k/Annually on W2. Final offer amounts, within
the base pay set forth above, are determined by factors including
your relevant skills, education, and experience and the benefits
package you select. Full-time employees are eligible to select from
different benefits packages. Packages may include medical, dental,
and vision benefits, paid days off based on tenure, up to 40 hours
paid sick time, 401(k) plan participation, commuter benefits and
life and disability insurance.
For information about our collection, use, and disclosure of
applicant's personal information as well as applicants' rights over
their personal information, please see our Privacy Policy
(https://www.aditiconsulting.com/privacy-policy).
Aditi Consulting LLC uses AI technology to engage candidates during
the sourcing process. AI technology is used to gather data only and
does not replace human-based decision making in employment
decisions. By applying to this position, you agree to Aditi's use
of AI technology including calls from an AI Voice Recruiter.