Sr. Splunk SIEM Engineer (Remote, USA)

From: Rohit Yadav, Code Infotek Inc
Email / reply to: rohit@codeinfotek.com

Job Title: Sr. Splunk SIEM Engineer

Location: Remote

Duration: 6+ Months

Interview: Video

Eviden

Visa: USC, GC, H1B, GC-EAD

Candidate LinkedIn profile required.

Job Description:

Key Responsibilities:

Monitor and ensure timely detection and notification of all threats within the customer environment using Splunk SIEM.

Deliver customer-specific requirements, adhering to agreed service level agreements (SLAs).

Understand customer expectations and translate them into actionable service outcomes.

Manage the scope of work, including scheduled and ad-hoc deliverables, and track deviations effectively.

Collaborate with platform administrators to onboard new log sources, maintain the health of the Splunk infrastructure, and ensure seamless integration of devices.

Develop and maintain threat detection scenarios and procedures aligned with industry best practices and customer requirements.

Apply strong analytical and technical skills to improve computer network defense operations, including writing Splunk queries and applying advanced threat detection techniques.

Handle incidents by performing detection, analysis, triage, and resolution.

Perform threat hunting using Splunk's capabilities, identifying anomalous patterns, and managing content such as custom dashboards, alerts, and reports.

Investigate security events, distinguishing actual incidents from false positives, and apply Splunk searches to enrich detection.

Maintain working knowledge of:

Operating systems (Windows/Linux).

Network technologies (firewalls, proxies, DNS, and NetFlow).

Active Directory and identity-based attacks.

Network protocols (TCP, UDP, ICMP, etc.) and routing principles.

Common internet applications and standards (SMTP, DNS, DHCP, SQL, HTTP/HTTPS).

Gap Analysis and Continuous Improvement:

Perform gap analysis to ensure all in-scope log sources are monitored effectively.

Identify missing use cases, hunting models, or detection scenarios, ensuring the highest level of threat detection.

Conduct domain-specific assessments to identify business-critical applications and technologies that require focused monitoring.

Customer Interaction and Coordination:

Act as the first point of contact (FPOC) for client issues, responding promptly to queries and taking ownership until resolution.

Facilitate log source onboarding or decommissioning and coordinate with internal teams to meet customer requirements.

Maintain transparency and demonstrate the value of SOC operations during periodic reviews such as MIS and QBR meetings.

Performance Reporting:

Ensure timely submission of operational reports and updates on new use cases, proactive threat detection initiatives, and Splunk feature enhancements.

Present SOC achievements and areas of improvement to stakeholders, highlighting the Managed Detection and Response (MDR) value.

Candidate Requirements:

Minimum 10 years of total experience, with at least 8 years in a Security Operations Center (SOC) environment.

At least 6 years of experience in customer-facing roles.

Strong understanding of SIEM concepts, with hands-on experience in Splunk (including data onboarding, dashboard creation, and custom alert configuration).

Solid technical and operational knowledge in cybersecurity, including network security, log analysis, and incident response.

Excellent verbal and written communication skills.

Qualifications:

Bachelor's degree in engineering, preferably in IT or Computer Science (B.E./B.Tech).

Multiple professional certifications preferred (e.g., CCNA, CEH, Splunk Core Certified User/Power User).

Work Schedule:

General Shifts

This role is a great opportunity for professionals with a strong Splunk SIEM background, leadership capabilities, and a commitment to delivering top-notch security operations and threat detection services.

Thanks & Regards,

Rohit Yadav, Code Infotek Inc

Technical Recruiter

Linkedin:
https://www.linkedin.com/in/rohit-yadav-545476175/

11350 Random Hills Rd. Suite 800 Fairfax, VA 22030

Web:
www.codeinfotek.com

Posted: 11:27 PM 07-Apr-25
https://jobs.nvoids.com/job_details.jsp?id=2321176