Splunk Security Engineer
10 Months contract Extension
100% Remote Job
Must Have Qualifications:
- Need a Splunk Engineer with strong Cybersecurity knowledge
- Splunk - focused on Information and Cyber Security.
- Candidate must have hands-on experience with security logs and a strong understanding of technical differences in the security logging space.
- Experience in log ingestion, parsing, and event typing
- Hands-on with threat detection using security logs
- Exposure to SOX environments
- Must understand what logs to capture and how to structure them for security monitoring
Job Description:
- The Information Security group at Clients has an exciting and challenging opportunity for someone who is interested in bringing their passion, dedication, and expertise to support the Information Security Event Management team.
- You will support engineering efforts to design, build, and maintain a new Splunk SaaS platform and support expansion of security log collection across a large hybrid environment.
Job Responsibilities:
- Act as a Splunk Subject Matter Expert on an established team
- Implement approved Splunk SaaS architecture and design
- Support and maintain high availability for SaaS Splunk deployments
- Maintain Splunk architectural diagrams and documentation
- Troubleshoot complex integration challenges and configuration issues
- Seek opportunities for automation and integration of various tools and services
- Support onboarding activities and maintenance on a wide variety of data sources that include various OS, appliances, and application logs
Job Qualifications:
- 6+ years of experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
- Experience implementing Splunk installations from the ground up, including various server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
- Must have advanced knowledge of Linux and Windows operating systems, and cloud technologies
- Preferred certifications: Splunk Enterprise Certified Admin, CISSP, AWS/Google Cloud Platform/Azure, GMON