Monitoring Administrator

Must Haves

• 2+ years administering Splunk in a cloud environment (AWS, Azure, or GCP)

• Strong experience with Splunk Cloud components: indexers, search heads, forwarders, deployment servers, clustering

• Hands‑on experience with data ingestion pipelines, parsing, indexing, and retention policies

• 2+ years of ServiceNow experience, including Event Management or Incident Management

• Proven experience integrating Splunk with enterprise and cloud environments

• Experience automating ServiceNow ticket creation from Splunk

• 2+ years of Linux server administration

• Strong troubleshooting skills with distributed systems

• Ability to build SPL searches, dashboards, alerts, and monitoring use cases

Plusses

• Experience with Microsoft Entra (user admin, SSO, MFA)

• Exposure to Datadog or other monitoring platforms

• Experience with Kubernetes, containers, or microservices logging

• Scripting experience (Python preferred; PowerShell also useful)

• Experience integrating Splunk with CI/CD pipelines or cloud-native services

Day‑to‑Day

The Monitoring Administrator spends their day managing and optimizing the organization’s Splunk Cloud and monitoring ecosystem. They design, deploy, and maintain Splunk environments, ensuring scalability, availability, and performance. A large portion of the day involves onboarding new data sources, tuning SPL searches, building dashboards, and developing operational, performance, and security monitoring use cases.

They troubleshoot ingestion issues, monitor Splunk health, perform upgrades and patching, and automate administrative tasks using Python or PowerShell. They also integrate Splunk with ServiceNow, cloud platforms, and CI/CD pipelines, while resolving day‑to‑day ServiceNow support tickets related to monitoring.

Collaboration is ongoing — partnering with security, operations, and application teams to refine monitoring requirements, support POCs for new monitoring solutions, and ensure compliance with governance and audit standards. They maintain documentation, support stakeholders, and continuously look for ways to improve monitoring efficiency, cost control, and visibility across the environment.