Job Description
Responsibilities
System Operations
Perform checks and troubleshoot, if necessary, to ensure the Splunk services are running as intended for all environments.
Maintain and monitor Splunk infrastructure (Search Heads, Indexers, Forwarders, Deployment Server, Cluster Master, etc.).
Ensure uptime and system health via monitoring, tuning, and log analysis (including introspection and metrics logs).
Perform checks and troubleshoot, if necessary, to ensure that the Splunk forwarders are working and can pipe logs back to Splunk systems.
Perform parser validation or write new custom parsers according to the Authority’s request.
Ensure Splunk supports threat detection, auditing, and incident response use cases.
Problem Resolution
Investigate problems and provide assistance to triage issues.
Track and report issues, support cases and incident resolutions on a weekly basis.
System Monitoring & System changes
Monitor security advisories, new releases, notifications and maintenance expiry dates for all software used in the System and assess the impact, if any.
Deploy and test system changes in the non-production environments when required.
Job Requirement
Requirements
- Experience working on Splunk systems.
- Possess Splunk Enterprise Certified Admin certifications or equivalent.