Job Details

Splunk Engineer

(Must be able to convert for permanent employment without sponsorship)

Must Have Skills:

• 5+ years of experience with Splunk
• Splunk certification
• Experience in design, implementation and support of Splunk core components, including indexers, forwarders, search heads, and cluster managers
• Experience with configurations and administration of Splunk ingestion and forwarding for new and existing applications and data
• Experience with troubleshooting Splunk dataflow issues between the various Splunk core components
• Experience configuring and deploying data collection for a variety of operating systems and network platforms
• Experience creating Dashboards and Analytics within SIEM tools
• Experience working with monitoring systems supporting auditing, incident response, and system health
• Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps
• The ability to troubleshoot issues with log feeds, search time, and field extractions

Soft Skills:

• Ability to articulate dashboards through presentations
• Excellent written and verbal communication skills

Education/certification requirements:

• Bachelor's Degree in Computer Science, Engineering, Information Security, or a related discipline
• Splunk certification

Day to Day Responsibilities:

• Designing, maintaining and troubleshooting the SIEM environment
• Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
• Manage, develop and tune the scripts that integrate SIEM
• Design and generate data parsers as necessary to optimize ingestion of data from a wide variety of devices including servers, firewalls, Cloud Applications
• Maintain comprehensive documentation of security controls, policies, and procedures for SIEM environment.
• Creating workflows for Incident Response within a SIEM Tool
• Assist with Incident response and Cyber investigations.