Senior Analyst - Splunk Engineer (L09)

Job Description:

Role Title: Senior Analyst - Splunk Engineer (L09)

Company Overview:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

• We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.

• Synchrony celebrates ~51% women diversity, 105+ people with disabilities, and ~50 veterans and veteran family members.

• We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being.

• We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles.

Role Summary/Purpose:

The Splunk Engineer will work as part of a team and with users across the firm to configure and monitor Splunk Enterprise, onboard key data sources, ensure CIM compliance, build data models, document indexes, and implement new technical integrations and best practices. This role also performs Linux system administration tasks in support of the Splunk environment, including network and multi-system OS troubleshooting, and develops dashboards to enhance transparency. He or she will endeavor to improve operational robustness, automation and high standards of change management as well as advising and mentoring others.We are looking for a talented Splunk Onboarder to join our dynamic team and play a pivotal role in helping clients harness the full potential of the Splunk platform. This role will require a mix of technical expertise, customer service skills, and a proactive attitude to ensure successful onboarding and seamless integration of Splunk within diverse environments. You will be at the forefront of enabling customers to use Splunk effectively for data analysis, monitoring, and operational insights. You will work closely with stakeholders to understand their needs, implement solutions, and provide ongoing support. This role will be part of the Enterprise Technology Tooling (Splunk Data Engineering & Onboarding) group part of CTO organization.

Key Responsibilities:

• Onboard data into Splunk

• Ensure Common Information Model compliance

• Enable Common Naming, where possible for Application logs

• Utilize multiple methods for onboarding data, including, file and directory monitoring, modular inputs, Http Event Collector, API and REST integration

• Configure and monitor Linux systems

• Configure and monitor rsyslog listeners

• Configure and monitor Splunk Enterprise

• Automate ongoing Splunk and system Administration tasks

• Run patching, vulnerability, and forwarder remediation activities

• Support development of scripts (python, JavaScript, etc.) as needed in support of data collection and/or reporting and presentation requirements

• Work with counterparts across Infrastructure organization to ensure smooth integration with other teams and processes

• Update and maintain documentation on operational processes, how to guides, and lessons learned in support of continual improvement

• Peer review team members’ work

• Assess existing customer environments and identify the prerequisites for successful onboarding. 

• Guide customers through the onboarding process to set up and configure Splunk Cloud/Enterprise solutions.  

• Understand client requirements and design tailored solutions.

• Prepare detailed project plans and timelines for onboarding processes. 

• Install, configure, and integrate Splunk solutions for clients. 

• Implement Splunk apps, add-ons, and integrations with third-party tools. 

• Ingesting Enterprise applications, tools and data sources, including logs, metrics, APIs, syslog, HEC, Agents, Apps & Add-ons, SNMP, cloud services, etc.

• Assist with data ingestion, dashboards, and reporting configuration.

• Proactively identify and resolve onboarding issues to ensure a smooth customer experience. 

• Collaborate with customers, technical teams, and other stakeholders to ensure smooth integration.

• Work closely with Splunk sales and engineering teams to address technical issues and improve onboarding processes. 

• Provide hands-on technical troubleshooting for installation, configuration, and performance optimization. 

• Conduct knowledge transfer sessions and train clients on Splunk’s capabilities and best practices. 

• Provide post-onboarding support and address client queries. 

• Monitor system performance during the onboarding phase and make necessary adjustments to meet client expectations.

• Recommend improvements and ensure a seamless user experience.

• Maintain clear and detailed documentation of onboarding processes, configurations, and best practices. 

• Develop and maintain best practices, playbooks, and knowledge-sharing resources for onboarding processes. 

• Stay up-to-date with new Splunk releases and features to provide cutting-edge solutions. 

• Implement and manage Splunk apps and add-ons for advanced use cases, such as ITSI or Enterprise Security (ES).

• Implementing data streaming using different tools and methods including Splunk and Cribl Platform.

Required Skills/Knowledge:

• Strong knowledge and Strong hands-on experience with Splunk Enterprise/Splunk Cloud.

• Hands-on experience with data onboarding and creating dashboards, alerts, and reports.

• Familiarity with scripting languages (Python, Bash, etc.) and regular expressions. 

• Experience integrating Splunk with various data sources, including logs, metrics, APIs, syslog, Splunk HTTP Event collection (HEC), Agents, Apps & Add-ons, SNMP, cloud services, etc.

• Data onboarding, parsing, and search optimization. 

• Familiarity with Linux/UNIX and Windows operating systems (understanding of file systems, environment, user and groups)

• Ability to develop and maintain strong collaborative relationships at all levels across IT and the business.

• Superior decision-making, client relationship, and vendor management skills.

• Basic understanding of firewalls, ports and how to check connectivity between 2 environments

• Exposure to public cloud ecosystem (AWS, Azure and GCP) and its components

• Experience with Splunk integration to AWS, Azure, and GCP.

• Strong Working Knowledge of the Splunk and Cribl Platform.

• Ability to troubleshoot performance and issues, as well as installation and Splunk upgrades

• Strong experience in analyzing, troubleshooting and providing solutions for technical issues.

• Experience with Splunk Enterprise Security.

• Experience in ingesting logs from DB Connect app.

• Knowledge and experience in GIT.

• Experience in requirement gathering and documentation.

• Experience in Log parsing, lookups, calculated fields extractions using regular expression(regex).

Desired Skills/Knowledge:

• Experience as Splunk Onboarder in an enterprise-scale environment

• Working experience troubleshooting, including troubleshooting feeds in a Splunk Enterprise environment

• Mastery of Regular Expressions, familiarity with differing cluster topologies

• Ability to manage Splunk indexers including index storage

• Mastery of Linux system administration and management, including Rsyslog configuration

• Proficient with scripting and python

• Experience with Agile Management Principles

• Experience in Change Management Procedures

• Experience with Version Control tools – Git, Bitbucket

• Strong operational and process mindset

• Results driven, strategic, conceptual, and innovative thinker

• Ability to work with partners across the firm, develop operational processes, understand needs, sources and prioritize work based on both firm priorities and overall onboarding efficiency.

• Ability to work independently as well as part of a team

• Ability to work on new assignments that demand from the role

• Expertise to clearly define complex issues despite incomplete or ambiguous information

• Excellent communication and relationship building skills

• Strong customer-facing skills with the ability to communicate technical concepts to non-technical users. 

• Analytical mindset with problem-solving abilities. 

• Proactive and self-driven attitude with the ability to manage multiple tasks. 

• Team-oriented and collaborative. 

• Ability to lead and inspire teams and clients through complex projects.

• Understand client business goals and align Splunk solutions to achieve them.

• A strong focus on delivering value and ensuring client success. 

• Understanding on DevOps pipelines

• Exposure to Operations task like Job Scheduling, monitoring, Health check of the platforms, automations etc

• Understanding of SAFe methodology/working in Agile environment

• Excellent written and oral communication skills, along with a strong ability to lead and influence others.

Eligibility Criteria:

• Bachelor's degree in Computer Science or similar technical field of study with minimum 2+ years of technology experience, or in lieu of a degree 4+ years of Technology experience

• 2-4 years of experience in Splunk implementation, onboarding, and administration. 

• Minimum 2+ years of experience in managing Splunk Onboarding Activities.

• 2+ years’ experience with Linux system administration

• Understanding of IT security, compliance standards and security frameworks (e.g., SOC, SIEM). 

• Experience with cloud platforms (AWS, Azure, or GCP).

• Familiarity with containerization and orchestration tools (e.g., Kubernetes, Docker)

• Knowledge of IT Service Management (ITSM) and monitoring tools.

• Knowledge of other data analytics tools or platforms is a plus. 

• Certifications such as Splunk Core Certified User/Power User/Administrator are highly desirable. 

• Candidate must be flexible working in 24x7x365 shifts

Work Timings: 1 PM to 10 PM IST

(This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs. Please discuss this with the hiring manager for more details.)

For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying

• Inform your manager and HRM before applying for any role on Workday

• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

• Must not be any corrective action plan (First Formal/Final Formal, PIP)

• L4 to L7 Employees who have completed 12 months in the organization and 12 months in current role and level are only eligible.

• L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.

• L04+ Employees can apply

Grade/Level: 09

Job Family Group: