The Splunk Security Engineer will be responsible for all day-to-day operation, maintenance and administration, data onboarding and dashboarding, and support of Splunk Enterprise Security. This role requires all candidates to have hands-on experience with Splunk and strong soft skills. The Splunk Security Engineer will primarily interface with the customer and the Splunk PS team throughout the duration of the customer engagement.
The Splunk engineer will also be responsible for the following:
- Provides industry-standard expertise in the deployment, configuration, and operations of Splunk and Splunk Enterprise Security.
- Develops customized dashboards for operations, security and management teams.
- Reviews completion and implementation of system additions and/or enhancements and makes recommendations to management and/or clients.
- Plans and directs upgrades of systems, designs systems enhancements, and monitors capacity to maintain operational capacity, following change management processes.
- US Citizen and Security Clearance Eligible.
- 5 years minimum of Information Security Experience.
- 3-5 years of hands-on experience with security monitoring tools such as FW, IDP/IDS and AV.
- Proficient with Splunk – configuration, monitoring and reporting.
- Must have extensive experience with Splunk configuration and troubleshooting.
- Must have extensive experience administering Splunk Enterprise Security.
- Must have practical understanding of log and monitoring management systems, security event monitoring, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems.
- 2+ years of experience with Splunk Enterprise Security.
- Splunk Certified Admin - REQUIRED.
- Splunk Enterprise Security Accreditation - REQUIRED.
- Splunk Certified Architect - PREFERRED.