Splunk Engineer :: Remote

Hi,
Hope you are doing great!!
Please go through the below job description and let me know your thoughts.

Title: Splunk Engineer
Location: Remote
Interview: Phone and Video

Role Description: The Splunk Engineer would need to have at least 8 years of experience. As the Senior Splunk Engineer, you will be responsible for analyzing the most complex threats and acting as an escalation point for other security analysts, managing Splunk implementations for managed security services customers, as well as use case creation, dashboards, tuning, and log source configuration.

Responsibilities:

- Be responsible for advanced security event detection and threat analysis for complex and/or escalated security events.
- Provide log/network/malware/device analysis and make recommendations for remediation of security vulnerability conditions.
- Validate log sources and indexed data, search through indexed data to optimize search criteria.
- Add customer context, eliminate noise and false positives, and develop trends and data models.
- Distill customer intelligence feeds; use cases, trends and data models.
- Create custom alert schema, reports and custom dashboards.

Minimum Qualifications:

- 4+ years direct experience with Splunk as an Engineer or Administrator.
- 7+ years of experience investigating network threats with advanced analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs, etc.
- TCP/IP networking skills to perform packet and log analysis.
- Must be a motivated and customer-focused SIEM engineer who can work as a subject matter expert.
- Requires expert level understanding of SIEM platforms.
- Strong understanding of Splunk Use Case creation, Dashboards and Tuning.
- Strong Splunk Enterprise Security (ES) experience to include Index Design, Infrastructure, Data Collection, Deployment Management, Data Enrichment, Querying, Integration and Operations.
- Security Analysis experience to include incident classification, investigation and remediation.
- Must have, or be qualified to obtain, a government clearance at the Secret level.

Preferred Qualifications:

- Linux, Perl, Python scripting.
- SANS or other security industry certifications such as GIAC, GSEC, GCIA, GCIH, GREM, GPEN or OSCP.
- Experience with SIEM security applications like ArcSight or RSA Security Analytics, or Archer Security Operations Management experience.
- Bachelor's Degree preferred.

Education: Any
Experience: Minimum 8 years

Regards,

Shivam Dwivedi
Cybertec, Inc.,
11710 Plaza America Drive
Suite #2000, Reston, VA 20190
Direct: (732) 436-3439
Fax: 703-871-5291
Email: shivam@cy-tec.com
URL: www.cy-tec.com