Splunk Administrator

  • SSTech LLC
  • Alpharetta, Georgia
  • Full Time
Role Title: Splunk Administrator
Role Location: Alpharetta, GA; Charlotte, NC; Chicago, IL; Conshohocken, PA; Denver, CO; Fargo, ND; Garden City, NY; Houston, TX; Lubbock, TX; Morristown, NJ; Mt Juliet, TN; New York, NY; Purchase, NY; Topeka, KS
Canada - Toronto, Ottawa, Mississauga
ROLE SUMMARY
  • The Splunk Administrator is responsible for supporting and maintaining Sompo's Splunk Cloud environment and associated log ingestion components. This role ensures reliable data collection across diverse sources, monitors platform health and capacity, and performs ongoing administration, updates, and configuration to support security operations and analytics.
ROLE RESPONSIBILITIES
  • Monitor log ingestion volumes and platform health using custom searches and Splunkbase tools.
  • Ensure reliable log delivery and troubleshoot ingestion interruptions across supported sources.
  • Administer intermediate log collection components, including Logstash, syslog, Heavy Forwarders, and related services.
  • Manage Splunk application configurations on Universal Forwarders using the Splunk Deployment Server.
  • Perform Universal Forwarder upgrades and maintenance to address security, stability, and version requirements.
  • Manage and update Splunk applications within the Splunk Cloud environment.
  • Collaborate with security and infrastructure teams to support onboarding of new log sources.
  • Document configurations, procedures, and troubleshooting steps for operational use.
TECHNICAL QUALIFICATIONS
  • 3-5 years of hands-on experience administering Splunk in an enterprise environment.
Hands-on experience administering:
  • Splunk Cloud and on-prem Splunk infrastructure, including Heavy Forwarders, Deployment Server, and Universal Forwarders.
  • HTTP Event Collector (HEC).
  • Common Splunk Technology Add-ons (TAs), including Azure, Okta, and other cloud services.
  • Splunk data models and data normalization practices.
  • Splunk features such as alert actions, SAML-based authentication, KV store, and lookups.
  • Splunk role-based access controls and permission models.
  • Data management features including DDAS and reindexing processes.
Familiarity with:
  • Azure Event Hubs, Kafka, Log Analytics Workspaces, and cloud-based logging pipelines.
  • Windows Event Collection (WEC) and Windows Event Forwarding (WEF).
GENERAL QUALIFICATIONS
  • Ability to create clear, concise technical documentation for both technical and non-technical audiences.
  • Strong analytical and troubleshooting skills with the ability to work independently.
  • Effective time and priority management in a multi-task operational environment.
  • Strong written and verbal communication skills.
EDUCATION REQUIREMENTS
Bachelor's degree in Information Technology, Computer Science, or a related field, or equivalent professional experience.
Job ID: 523506898
Originally Posted on: 6/3/2026
