Splunk Administrator - other related Employment listings - Vienna, VA at Geebo

Splunk Administrator

Job Summary :
The selected candidate will provide overall engineering and design support for the green field deployment and sustainment of a globally distributed Splunk environment consisting of Splunk Core components and the Enterprise Security SIEM Solution.
The Splunk Admin will be expected to perform operational roles of application sustainment as well as data on-boarding in support of the SIEM deployment.
The Splunk engineer will work closely with the Architect to operationalize the solution for use by the Security Operation Center (SOC) Analysts.
PRIMARY Responsibilities:
The candidate must be familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data.
The Splunk engineer should be familiar with a Linux environment, editing and maintaining Splunk configuration files and apps.
The Splunk engineer will work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and aid with the creation of Splunk search queries and dashboards.
The Splunk engineer will be required to interact with senior management, as necessary.
This person would also be responsible for knowledge transfer and training of our team as we implement the Security dashboards in Splunk.
It is expected that the SME will bring skills and experience to this role and be able to proactively address gaps in workflow related to SOC incidents and investigations.
BASIC QUALIFICATIONS :
  • 5 years' experience in the Information Technology arena.
  • 4 years of experience in a Senior Splunk role
  • 3 years' experience in Linux (Red Hat Enterprise Linux 7)
  • 2 years' experience in app interface development, using REST APIs to include add-ons from Fortinet, F5, Windows, Unix, Tenable (ACAS), ePO and other common Security products.
PREFERRED QUALIFICATIONS :
Preferred Certification or equivalent Experience:
  • Splunk Enterprise Certified Admin / Architect or equivalent knowledge
  • Splunk Enterprise Security Certified Admin or equivalent knowledge
Successful Candidates will be expected to perform the following tasks with minimal supervision and oversight.
  • Identify normal ES use cases
  • Examine deployment requirements for typical ES installs
  • Install ES and gather information for lookups
  • Set up inputs using technology add-ons
  • Create custom correlation searches
  • Configure ES risk analysis, threat and protocol intelligence
  • Fine tune ES's settings and other customizations
No Supervisory req'ts
Id: 29177.
Estimated Salary: $20 to $28 per hour based on qualifications.
