Splunk System Administrator

Description

TripleTen is a service that empowers individuals, regardless of their prior experience, to embark on the exciting and challenging journey of mastering tech professions. Our bootcamps focus on training students in software engineering, data science, business intelligence analytics, and QA engineering in a feasible and accessible way, ultimately leading them to thrive in a new career.

Our mission is to ensure that every student has the opportunity to successfully master a new profession, find their purpose, and become a valuable member of the tech industry. TripleTen is a remote-first organization, mirroring our students who complete our bootcamps in a remote environment.

As a Splunk System Administrator, you will own the health and performance of our Splunk Enterprise environment, ensuring high availability, reliability, and observability. You will be responsible for managing the performance of the Splunk server used in our cybersecurity bootcamp—a deployment with unique requirements and constraints that occasionally involve creative solutions.

You will collaborate with stakeholders (such as expert tutors, curriculum developers, and platform developers) to design and deploy new Splunk features, content, and integrations—such as dashboards, alerts, reports, and custom apps—while executing system administration tasks including performance tuning, index management, and authentication integration.

What you will do

• Maintain and monitor Splunk platform (upgrades, patches, health checks).
• Tune performance (index/search optimizations).
• Collaborate with stakeholders to develop and deploy Splunk features and content.
• Troubleshooting & Support: investigate incidents, analyze logs, run diagnostic queries, and resolve issues.
• Manage security and access (SAML/SSO, RBAC, user management).
• Onboard and configure data (indexes, timestamp correction, re-indexing).

Requirements

• 3+ years administering Splunk Enterprise (index & search head clusters, large datasets).
• Splunk Enterprise Certified Admin & Core Certified Advanced Power User.
• Strong SPL, SAML/SSO, RBAC, and Linux CLI troubleshooting skills.
• Experience deploying, managing, and administering self-hosted Splunk instances.
• Experience troubleshooting observability and monitoring pipelines, dashboards, and alerts.
• Strong organizational, problem-solving, and teamwork abilities.

What we can offer you

• Remote, part-time, shift-based work;
• Cross-cultural work experience and lots of opportunities for networking with teammates who love what they do;
• A comfortable digital office. We use modern digital tools — Miro, Notion, Google Meet, etc.— to make the process of working together seamless;
• Diverse and tight-knit team which is spread out across US, Serbia, Latin America and more.

*At this time, we are unable to offer H-1B, L-1A/B sponsorship opportunities.

**This job description is not designed to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities at any time.



***TripleTen is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, color, religion, sex, national origin, age, religion, disability, marital status, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.