Job Information
UNIVERSITY OF TEXAS AT AUSTIN Cybersecurity SIEM Operations Engineer in Austin, Texas
Collaborate with a small team of engineers to design, build, and administer Splunk infrastructure in an on-premise environment.
Work with existing and custom Splunk applications and add-ons to fulfill customer needs.
Provide overall engineering and design support for a distributed Splunk environment consisting of heavy forwarders, indexers, and search head servers, spanning security, performance, and operational roles.
Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from various sources.
Normalize data to ensure CIM compliance, and develop data models to accelerate queries, dashboards, and correlation searches.
Implement Cribl-based data pipeline solutions to optimize data collection and processing.
Manage multiple assignments, changing priorities, and work independently with little oversight.
Conduct periodic architectural reviews of Splunk and related systems to assess effectiveness and propose optimal installation alternatives as required.
Develop and manage comprehensive documentation, artifacts, procedures, and processes for the optimal management of the Splunk infrastructure.
Other related functions as assigned.