Role: Splunk Admin
Exp: 3 yrs – 8 yrs
Level: A & SA
Location Preference: Hyderabad
Notice Period: Immediate Joiners or short notice of 15-20 days max
Role Requirements
- Splunk Proficiency - Proficient in Splunk's architecture, query language, and best practices, including monitoring, troubleshooting, and maintaining systems. Ability to identify and resolve issues, analyse complex problems, and understand system behaviour at scale.
- Orchestration Tools - Puppet (preferred), or similar automation tools
- Cloud & Operating system - AWS & Linux/Windows
- Incident Handling - Assist in root cause analysis and change-related escalations
- Process & Runbook Usage - Must follow documented change processes and control gates strictly
- Communication – Good English verbal and written proficiency
- Support Model – 24x7
- Documentation - Update runbooks with rollback/validation steps; maintain versioned histories
Experience -
- 3–6 years in Splunk administration, engineering, or support
- ServiceNow workflows
- Splunk Search, Dashboards, ITSI (optional), troubleshooting, and maintaining systems
- Familiar with working in a compliance-driven engagement model
Key Responsibilities:
- Execute change requests as per Splunk TechOps runbooks and compliance standards.
- Use ServiceNow workflows and IA tickets for tracking and executing changes.
- Review and validate proposed Splunk configuration changes before implementation.
- Develop and maintain Splunk runbooks.
- Follow second-person review protocols and maintain documentation per guidelines.
- Provide ad hoc reporting and support customer escalations or incident investigations.
- Update and maintain supplier engineering runbooks with clear rollback instructions.
- Track KPIs and SLAs including successful execution rates of approved changes.
- Execute production-grade changes via ServiceNow
Preferred Certifications
- Splunk Core Certified Admin / Power User
- ITIL Foundation (for change process understanding)
- Puppet/Ansible certification (desirable)