Splunk Security Engineer at Remote, Remote, USA
Splunk Security Engineer
Allen, TX

Splunk Implementation: Install, configure, and manage Splunk infrastructure. Design Splunk architecture to meet organizational needs.

Data Ingestion: Integrate security logs and other data sources (e.g., firewall logs, IDS/IPS, authentication logs). Ensure appropriate data parsing and normalization for security insights.

Security Monitoring & Incident Response: Set up alerts and dashboards to detect security threats. Monitor for suspicious activity and respond to incidents using Splunk data. Conduct threat hunting and forensic investigations using Splunk.

SIEM Administration: Maintain and update SIEM configurations to ensure optimal performance. Work with other security tools and technologies, integrating them with Splunk.

Security Content Development: Create and optimize custom searches, alerts, reports, and dashboards tailored to the organization's security needs. Develop correlation rules and threat intelligence feeds.

Troubleshooting and Optimization: Resolve issues with data ingestion, performance tuning, and Splunk queries. Optimize Splunk queries for faster processing and better insights.

Compliance & Auditing: Use Splunk to maintain compliance with security policies, regulations (e.g., GDPR, HIPAA), and industry standards. Generate reports for audits and management.
Tue Sep 10 20:48:00 UTC 2024