Sr. Splunk SIEM Engineer at Remote, Remote, USA |
Email: [email protected] |
From: Manvith, techgene [email protected] Reply to: [email protected] Sr. Splunk SIEM Engineer Visa- 1ST Preference USC, AND then GC Location: Daily commutable distance to Richmond Onsite 3 days/week plus critical meeting attendance Length of Contract: 6 months Must Haves: Minimum of 5 to 7 years of experience as a Sr. Splunk SIEM Engineer, including work with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Palo, Arista, ISE, FireEye, Gigamon). Development, deployment, or administration of Splunk ES. Experience working with cloud services such as AWS, Azure and M365 and cloud access security brokers. Experience in the use of network monitoring tools with a strong understanding of network protocols. Ability to perform security analysis, development and implementation of security policies, standards, and guidelines. Experience with both the Linux and Windows operating systems. Must be within 45 minutes driving distance of Richmond, VA Soft Skills: Communication skills on a scale of 1 to 10 for this role 10 Role: Sr. Splunk SIEM Engineer Key Responsibilities: Development, deployment, or administration of Splunk. Onboard Splunk ES critical data sources - ingestion of critical data sources/data logs from the enterprise into the Security Information Event Management (SIEM) tool to meet the Splunk Enterprise Security (ES) implementation. Normalize Log Data to Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts). Create viewable Splunk dashboards to provide visibility into ingested log data. Create alerts that trigger/activate on configured setting to deploy or sends a note, email, or attachments to a particulate destination email or groups. Create security rules (alerts) that trigger on anomalous activities or threat detections. Splunk Support - Assisting Customers with any issues when ingestion of logs that are not working properly or communication issues with Splunk. Resolve Splunk infrastructure or system issues. Check virtual server availability, functionality, integrity, and efficiency. Monitor and maintain virtual server configuration. Diagnose failed servers or connectivity problems. Required Skills and Experience: Experience working with cloud services such as AWS, Azure and M365 and cloud access security brokers. Experience in the use of network monitoring tools with a strong understanding of network protocols. Ability to perform security analysis, development and implementation of security policies, standards, and guidelines. Ability to quickly explore, examine and understand complex security problems and how it affects a customers business. Experience with both the Linux and Windows operating systems. Experience with SOAR and Firewall platforms from Palo Alto Networks Education and Experience Completed bachelors degree from an accredited university is required, preferably in an IT related field. Minimum of 5 to 7 years of experience related to the qualifications above, including work with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Palo, Arista, ISE, FireEye, Gigamon). Keywords: information technology green card Virginia Sr. Splunk SIEM Engineer [email protected] |
[email protected] View all |
Mon Aug 19 21:45:00 UTC 2024 |