Senior Splunk Engineer

Description

  • Enable customer success by providing a well-rounded consulting experience from project kickoff through completion.
  • Operate and maintain the Splunk log management infrastructure and leverage knowledge on a number of security technologies, information security, and networking.
  • Comprehensive experience in interacting with clients and providing security-focused log collection solutions using Splunk.
  • Develop security-focused content for complex client Splunk deployments, with a focus on creating complex detection and alerting logic and on-boarding log sources using custom methods or the Splunk common information model (CIM).
  • Develop advanced reports that meet the requirements of key stakeholders, along with scalable security management tools and processes.
  • Conduct research in areas, including security principles, host and network-based security technologies, machine learning algorithms, and mitigation methods.
  • Engineer, configure, and deploy Enterprise SIEM/SEM and log management solutions.
  • Develop automation for security tools management, and create customized searches and applications using programming and development expertise, including Java, Python, shell scripting, and regular expressions.
  • Automate Splunk deployments, integrations, testing of enterprise systems and services.
  • Create and optimize Big Data correlations as a Splunk search language (SPL) expert.
  • Willingness to travel if required.

Qualifications

  • U.S. Citizenship or Permanent Resident status REQUIRED
  • 5+ years of technical consulting or big data analytics experience
  • 2+ years of hands-on experience with Splunk, network security and system security, supporting security information and event management tools (SIEMs)
  • 2+ years of experience with rule and advanced logic creation within Splunk
  • Knowledge of Splunk and JIRA best practices
  • Experience with Linux and Windows operating systems
  • Experience with using scripting languages to automate tasks and manipulate data
  • Experience with working in a large enterprise environment
  • Experience with integrating solutions in a multi-vendor environment, including SaaS environments
  • Knowledge of enterprise system and network logging, with a focus on security event logging
  • Knowledge of regular expressions
  • Knowledge of Splunk common information model (CIM)
  • Ability to work independently in fast-paced, structured and unstructured environments
  • Splunk User, Power User, Administrator Certifications (Ability to achieve full accreditation)
  • Secret or Top Secret Security Clearance (preferred)

Additional Information

Seniority Level

  • Mid-Senior level

Employment Type

  • Full-time

Industry

  • Computer Software
  • Computer & Network Security
  • Information Technology & Services

Benefits

  • Medical insurance
  • Vision insurance
  • Dental insurance
  • 401(k)
  • Commuter benefits
  • Tuition assistance

Additional Qualifications

  • 2+ years of experience in an Incident Response role performing hunt activities
  • Experience with enterprise-scale operations and maintenance environments
  • Experience with programming
  • Experience with Splunk API
  • Experience with Python
  • Experience with various security tools, including Wireshark, Nessus, Nmap, Burp Proxy, or Snort
  • Experience with SPL, SQL, and other related search languages
  • Knowledge of networking protocols
  • Ability to be a Splunk language (SPL) expert
  • Knowledge of virtualization and container tools, including VMware, Parallels, VirtualBox, OpenStack, and Docker
  • Knowledge of configuration management tools, including Ansible, Puppet, Chef, and SaltStack
  • BA or BS degree in CS, IT, Engineering, or a related field
  • Industry-recognized security certifications (security, networking, etc.) - preferred
  • Working knowledge of the Splunk Cloud solution offering - preferred
  • Working knowledge of AWS - preferred