Splunk Admin, Remote at Remote, Remote, USA
Email: [email protected]
From: Manasa, Calabitek, [email protected]

Reply to: [email protected]

Splunk Administrator. Please see details below and help with profiles.

Splunk Administrator

IBM Security Services

Role Overview Summary

We are seeking a Splunk subject matter expert who is highly skilled and experienced in Splunk Enterprise Security administration to join our dynamic cybersecurity team. The ideal candidate will have a strong background in the administration, architecture, and engineering of a Splunk ES GovCloud environment, including managing data models, CIM compliance, and 200+ sourcetypes, as well as managing the Splunk ES GovCloud index alerts to analyze data from various sources effectively. The role requires a deep understanding of cybersecurity principles and the ability to apply data analytics to enhance our organization's security posture.

Responsibilities and Duties:

Develop, configure, and maintain complex Splunk indexes, data models, sourcetypes, and dashboards to meet the specific needs of the organization.

Collaborate with cybersecurity analysts to identify key data points and log sources for correlation to enhance threat detection and response capabilities.

Optimize Splunk performance by fine-tuning sourcetypes, data models, and summary indexes to ensure efficient data processing and retrieval.

Implement advanced Splunk Administrative techniques to identify and alert on any potential security incidents and vulnerabilities.

Work closely with IT and security teams to integrate various log sources into Splunk, ensuring comprehensive visibility across the network.

Conduct regular reviews of existing Splunk applications, adjusting and making improvements to keep up with the evolving security landscape.

Provide technical guidance and support to team members on Splunk best practices and advanced correlation techniques.

Stay updated with the latest Splunk features and cybersecurity trends, incorporating new knowledge into the organization's Splunk environment.

Participate in incident response activities, leveraging Splunk to provide critical insights and facilitate rapid resolution.

Qualifications:

Bachelor's degree in Computer Science, Information Technology, or Cybersecurity.

Minimum of 5 years of experience working with Splunk in a cybersecurity context.

Splunk ES Administrator, Splunk Power User, or Splunk Enterprise Certified Admin certification is highly desired.

Strong understanding of cybersecurity principles, threats, vulnerabilities, and incident response protocols.

Proficient in creating complex Splunk SPL (Search Processing Language) queries and developing advanced correlation rules.

Experience with log and data source integration, data normalization, Splunk data models, and Splunk CIM.

Knowledge of network protocols, infrastructure, and key security technologies (firewalls, IDS/IPS, endpoint security, etc.).

Excellent problem-solving skills and the ability to work independently or as part of a team.

Strong communication and documentation skills, capable of effectively articulating technical information to both technical and non-technical audiences.

Please share a valid resume with [email protected]

Keywords: information technology
Fri May 03 00:43:00 UTC 2024
