| Splunk Security Engineer at Remote, Remote, USA |
| Email: [email protected] |
| From: abhinav, wise equation solution [email protected] Reply to: [email protected] Splunk Security Engineer in Dallas, TX. Role is 100% remote. US Citizenship or green card required per terms of federal contract They will be strongly preferring candidates who have had experience in both large enterprise and government environments Please only submit candidates with ASAP availability. No candidates requiring a notice period will be considered. JOB ID R1012139.01 Skills (NONE/ADVANCED/EXPERT): Splunk Security Engineer Preferred certification: Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Engineer. Proven experience in Splunk architecture, components, and deployment options. Hands-on experience with creating custom applications, dashboards, and analytics beyond default Splunk features. Strong skills in field extraction, custom event fields, search queries, and correlation searches. Demonstrated experience in maintaining security and optimizing performance of Splunk environments. Ability to analyze and improve processes, procedures, and documentation for continuous optimization. Experience in building threat detections using correlation rules in security logs. Strong analytical skills with an eye for identifying areas of improvement. Job Overview: We are seeking a skilled Splunk Engineer to join our cybersecurity team, responsible for deploying, configuring, and optimizing Splunk environments across enterprise and government settings. The ideal candidate will have extensive hands-on experience with Splunk Enterprise Security, advanced expertise in Unix/Linux operating systems, and a deep understanding of Splunk architecture, data ingestion, threat detection, and search performance. Key Responsibilities: Deploy, configure, and maintain Splunk components, including search heads, indexers, and forwarders. Implement and configure SIEM solutions for Enterprise and Government environments. Manage clustered environments with multiple indexers and search heads to ensure high availability and performance. Create, customize, and maintain dashboards, reports, correlation searches, and alerts to support security operations. Extract and optimize field extractions, multi-value fields, tags, and field aliases for improved data analysis. Build high-fidelity threat detection rules using security logs to identify malicious activity. Work closely with Security and Platform Engineering teams to onboard new data sources. Configure and manage Splunk data ingestion methods, including forwarders, HTTP Event Collector (HEC), and scripted inputs. Troubleshoot and resolve issues related to Splunk configuration, data ingestion, and search performance. Perform major version upgrades for Splunk components deployed on Linux-based systems. Ensure the security of Splunk components, including indexes, and regularly update them as needed. Keywords: Idaho Texas Splunk Security Engineer [email protected] |
| [email protected] View all |
| Wed Nov 13 18:42:00 UTC 2024 |