Principal Splunk Architect

  • Competitive
  • London, England, United Kingdom London England GB
  • Permanent, Full time
  • IHS Markit
  • 14 Aug 18 2018-08-14

Principal Splunk Architect

IHS Markit offer a challenging and rewarding environment:
• High revenue systems with demanding performance and availability requirements
• Large & complex existing multisite Splunk cluster
• High expectations of performance and availability
• Strong desire to automate and improve service
• Private, public, and hybrid cloud adoption

IHS Markit invests significantly in current technology and this role will involve evolving the Splunk architecture and integrations for modern converged IT infrastructure including several different flavours of cloud.

The successful candidate will be the principal technical and architectural resource for Splunk, providing guidance, leadership and hands-on technical know-how for all matters Splunk.

IHS Markit engineers are expected to stay abreast of general industry trends, and how they can bring value to its customers.

Duties & accountabilities

  • Splunk platform maintenance, capacity management and software updates
  • Architectural design including future proofing, capacity considerations and seamless datacentre and cloud migrations
  • Providing and maintaining first rate documentation including business cases, tools analysis, architecture diagrams, standards, support procedures, compliance policies
  • Splunk technology roadmap delivery & maintenance - keeping up to date with the Splunk products direction, and competing or similar toolsets, and aligning with our internal roadmaps
  • Delivery of technical and user training internally
  • On call / out of core business hours support for platform issues and incidents
  • Technical support and troubleshooting of the platform and integrations
  • Liaise with internal technical and non-technical teams to understand their requirements and evaluate justification of Splunk usage
  • Delivery of new data source and tools integrations
  • Delivery of standard operating procedures for core technologies - backup, recovery, patch, upgrade, clone, HA, DR, capacity management - and execution as required
  • Generating new, and sharing old, ideas
  • Sharing knowledge and experience to audiences with different levels of technical understanding
  • Requirements gathering
  • Proposing, or reviewing, new feature/technology adoption
  • Testing new versions of the core product or add-ons including Enterprise Security
  • Complex incident and problem resolution, including application and infrastructure performance problem investigations
  • Budget management, forecasting, tracking, submission and justification
  • Improving licence utilisation & management
  • Data analysis and quality control
  • Organise and direct team and/or contractors to deliver feeds, tools integrations and custom software.

Education and experience
More emphasis will be placed on a candidate's ability to evidence their technical and soft skills than on their academic background.

A successful candidate will have worked directly with Splunk in an architectural capacity for 6+ years, and must be able to evidence delivery of large scale Splunk deployments and operational support over several years of that, including Enterprise Security.

The candidate will have operated in environments that have constantly challenged them, enabling them to develop very strong interpersonal and technical capabilities.

The candidate will be certified both as a Splunk Architect and Splunk Enterprise Security administrator. The candidate must have a strong background in Linux and have proven scripting skills in Python and bash.

The successful candidate will be able to demonstrate a deep understanding, and hands-on experience, with all aspects of the following processes and technologies:
  • Large scale resilient, highly available and performant Splunk architectural design
  • Splunk installation, including multisite cluster and distributed search cluster installation and configuration
  • Splunk platform upgrades including core platform, Enterprise Security, distributed forwarder and search cluster upgrades
  • Splunk capacity forecasting (organic growth, new initiatives, application changes, infrastructure changes)
  • Splunk cluster maintenance and management, index provisioning, sizing and management.
  • Advanced Splunk searching, optimisation and dashboarding
  • Splunk PCI Compliance application - configuration and usage
  • Budgeting (forecasting, tracking)
  • RedHat Linux Enterprise Edition 6 & 7, and how its configuration and operation relate to Splunk
  • Windows 7 / 10 and how its configuration and operation relate to Splunk
  • Python / bash scripting - troubleshooting and the implementation of new automations
  • Strong AWS knowledge and experience, including deploying and managing EC2 instances using Terraform, capturing relevant source data from all aspects of AWS (Kinesis Firehose, SQS, Cloudwatch Logs, VPC Flowlogs, Inspector etc)
  • Azure knowledge and experience, including details of the security model
  • Audit compliance reporting and review
  • Project management and organisation
  • Data archiving and retrieval, low level cluster maintenance operations, backup and restore
  • Information security playbook and proven industry knowledge

In addition, knowledge or experience of the following will be beneficial:
  • Puppet Configuration management.
  • Git version control
  • Orchestration via VMWare vRealize, VMWare vRealize Orchestrator, or Ansible
  • Microsoft Azure services

Commercial awareness
Candidates must be able to estimate the costs related to delivering technology services, including software licencing, hardware purchasing and maintenance, human effort costs and the cost of delay. This understanding will be vital in designing services that meet the needs of the business, while remaining cost effective.

Management requirements
Experience of leading technical teams is required. The successful candidate will be responsible for understanding and prioritising operational tasks within the team, providing technical guidance and overseeing delivery as well as contributing personally.

The candidate should be confident and comfortable discussing ideas and presenting at a very senior level.

Personal impact
  • Experience is important, but there will be at least an equal focus on attitude and aptitude.
  • The successful candidate will be passionate about what they do, and be confident of the value they can bring to IHS Markit.
  • An overwhelming desire to improve oneself through research, learning, listening, and experimentation.
  • Strong motivation to share ideas, experience, and skills with others.
  • Willingness to put the needs of the company and colleagues above their own.
  • Appetite to take ownership of tasks, incidents, and problems, and the capability to complete/resolve them quickly and effectively. This also is an operational role so there is a requirement to provide technical support even out of standard office hours.
  • Sufficient self-confidence to question the status quo, and the diplomacy and influencing skills required to convince others to change.
  • An ability to apply logic to solve problems.
  • The candidate must be a self-starter, with the motivation and personal organisation to deliver their own work, and encourage delivery from those they depend upon, to project timelines.

We share what we do with peers, managers, and business partners though documentation, training, and knowledge transfer. The successful candidate will therefore be able to write clear, concise documentation that can be followed by people of all experience levels, and explain often complex topics to anyone from a junior developer to a CTO.

IHS Markit is a global organisation, employing people in a variety of industries and from a range of cultures. Clear and effective communication is vital to ensuring the successful adoption of the solutions you propose.

Within the Enterprise Monitoring team we share ideas, skills, and experiences, and shape what we do together. Candidates will need to show that they can thrive in this environment.
It is the policy of IHS Markit to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, IHS Markit will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. For candidates in the US, we are a participant in E-Verify (see link below).

EEO is the Law
EEO is the Law Supplement
Right to Work
Pay Transparency Policy

Current Colleagues If you are currently a colleague with IHS Markit please apply internally via Workday.