AWS Splunk Administrator


AWS Splunk Administrator


Position Description:

  • CGI has an immediate need for AWS Splunk Admin to join our financial services team in one of our selected CGI locations: Columbia, SC; Belton, TX or Lafayette, LA.
  • Due to the current COVID-19 status, candidates will not be required to work within the physical work location at this time.
  • When COVID-19 restrictions are lifted, they will be required to be located within the proximity of the assigned CGI location.
  • This is an exciting opportunity to work in a fast-paced team environment supporting one of the largest leaders in the secondary mortgage industry.
  • We take an innovative approach to supporting our client, working side-by-side in an agile environment using emerging technologies.

Your future duties and responsibilities:

  • Work on advanced Splunk administration, and development efforts, with a goal towards enhancing/building out the Splunk infrastructure as it relates to application/machine logs, troubleshooting, reporting, custom queries, dashboards, and security roles administration.
  • Support, maintain, and expand Splunk infrastructure in a highly resilient configuration
  • Standardized Splunk agent deployment, configuration and maintenance across a variety of platforms
  • Troubleshoot Splunk server and agent problems and issues
  • Support Splunk developers and users in designing and maintaining production-quality dashboards
  • Available for escalations and support operations for Splunk
  • Monitor the agent and server infrastructure for capacity planning and optimization
  • Support Splunk on Unix, Linux and Windows-based platforms
  • Automate processes and procedures where applicable
  • Research, design, evaluate, recommend and support major hardware and software enhancements
  • Design, code and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks


Required qualifications to be successful in this role:

  • 8-10 years of relevant experience
  • Good Scripting experience in Python
  • Core Splunk Knowledge
  • Experience deploying apps within Splunk and administrating the Splunk platform.
  • Experience with data normalization and data modeling within the Splunk environment.
  • Experience in creating and managing Splunk DB connects Identities, Database connections, Database inputs, outputs, lookups, access controls, custom alerts, custom operations
  • Strong Understanding of Splunk platform configuration, Web UI, and Common Information Model.
  • Basic Understanding of regular expression.
  • Experience in Splunk Search Processing Language (SPL) and ability to customize queries to do advanced searching.
  • Experience in performing DevOps activities.
  • Experience managing objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)
  • Experience in data onboarding/heavy Forwarders/Universal Forwarded
  • 2 years of Experience with Splunk Enterprise on AWS is required
  • Performs other duties as required or assigned
  • Onboarding of data including but not limited to:
    • AWS Data
    • Syslog Data sources
    • HTTP Event Collector
  • Administration of Splunk environment Troubleshooting parsing issues
  • Troubleshooting indexer errors
  • Configuration of outputs.conf
  • SSL Certificates for outputs.conf

Desired Skillset

  • AWS Splunk Enterprise Security, Data Models
  • Troubleshoot issues and platform stabilization
  • Migration to cloud 


  • Bachelor's Degree in Computer Science, Information Systems or relevant field of study


  • DevOps
  • Python
  • Splunk
  • Unix
  • Linux

How to Apply:

Apply online at

Visit Site to Apply

Location: Remote
Date Posted: March 30, 2023
Application Deadline: June 01, 2023
Job Type: Full-time