IT Resident Engineer Splunk Maintenance

SG, Singapore

Job Description & Requirements

Responsibilities

Perform checks and troubleshoot, if necessary, to ensure the Splunk services are running as intended for all environments.

Maintain and monitor Splunk infrastructure (Search Heads, Indexers, Forwarders, Deployment Server, Cluster Master, etc.).

Ensure uptime and system health via monitoring, tuning, and log analysis (including introspection, metrics logs).

Manage indexing performance and storage usage: data retention, index lifecycle, bucket management.

Generate and check reports from the system to ensure the system and agents are working as intended.

Perform checks and troubleshoot if necessary, to ensure that the Splunk forwarders (agents) are working and can pipe logs back to Splunk systems.

Perform checks and troubleshoot, if necessary, to ensure the Splunk systems can receive logs from sources such as CloudWatch or syslog servers.

Integrate Splunk with the Authority's systems and processes to perform real-time monitoring and alert when Splunk infrastructure is not working well, so that issues can be attended to early (e.g. log breaks, disconnected agents, search heads hung from insufficient resources, etc.).

Fine-tune Splunk rules according to the Authority's request.

Perform parser validation or write new custom parsers according to the Authority's request.

Work closely with the Authority's SOC to ensure Splunk supports threat detection, auditing, and incident response use cases.

Change the passwords for all privileged and service accounts for the Splunk systems regularly.

Ensure the Splunk systems are working as intended during the Authority's periodic BCP and DR exercises.

Investigate problems and provide assistance to triage issues.

Correct defects in the System, including temporary corrections or workarounds until permanent fixes or updates are available.

Prepare incident reports, including the root cause analysis and necessary resolution.

Track and report issues, support cases and incident resolutions on a weekly basis.

The Resident Engineer shall perform critical high-risk works during maintenance windows specified by the Authority, which may be off-office hours or during weekends, at no additional cost to the Authority. The Authority will compensate with off-days for work done over non-working days.

The Resident Engineer shall be responsible for all the corrective and preventive maintenance of the Splunk systems in all environments.

The Resident Engineer shall remediate all vulnerabilities or penetration test findings pertaining to the Splunk systems.

The Resident Engineer can raise tickets to the Splunk principal for support and queries.

System Monitoring & System changes

Requirements

At least 3 years' experience working on Splunk systems.

Possess Splunk Enterprise Certified Admin certification or equivalent.

If the requirements match your profile, kindly share your updated CV/resume with Aparna at aparna@wshexperts.com.sg.

Job Type: Full-time

Pay: $6,000.00 - $7,000.00 per month

Job Detail

  • Job Id
    JD1702072
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    SG, Singapore
  • Education
    Not mentioned