Immediate job opening for Splunk Administrator or Engineer and it's a remote (but we only need a local profile to WA) position at Remote, Remote, USA |
Email: [email protected] |
From: Chandra, RHG [email protected]
Reply to: [email protected]

Hi Professional,
Hope you're doing great!

Title: Splunk Administrator/Engineer
Location: Remote (but we only need a local profile to WA)
Duration: Long-term Contract

Job Description:
At least 5+ years of experience in the IT industry with hands-on working experience in Splunk (SIEM) installation and UNIX management, Splunk architecture and components including search heads, indexers and forwarders.
Have strong experience in the implementation of Splunk premium applications, application management, and data security as per customer requirements and industry best practice.
Installed, configured, and maintained Splunk Add-Ons and Apps such as but not limited to: Splunk Add-On for AWS, Splunk Add-On for Windows, and Google Workspace for Splunk.
Creation of new dashboards, reports, or analytics.
Managed a clustered environment with multiple indexers and search heads.
Administered both Splunk Enterprise and Splunk Enterprise Security.
Worked closely with various Security and Platform Engineering teams to onboard new data from various sources.
Responsible for creation of new alerts & fine tuning.
Maintaining current patch & version upgrades for all Splunk components including the Linux host OS patching and upgrading.
Troubleshooting and resolving Splunk issues, as necessary.
Coordinating any needed maintenance and upgrades with teams and regional entities, as necessary.
Regularly reviewing Splunk usage and license compliance.
Performing any other Splunk related work as directed and necessary.
Strong experience working on enterprise security solutions such as WAF, IPS, DDOS, and SIEM.
Deep technical expertise across multiple technical domains including cloud computing, security, identity and access management and IT infrastructure.
Cloud security knowledge in the areas of CSPM, Endpoint security solutions and Vulnerability Management.
Experience with Security Orchestration, Automation & Response (SOAR) platform & other security automation tools.
Proficient in scripting languages such as Python, PowerShell & Bash.
Experience in security event analysis & triage, incident handling and root-cause identification (NIST incident response framework knowledge).
Experience and knowledge of cyber security in corporate environments.
Can work autonomously, deliver with minimal supervision from a set of requirements.
Information Security Certification is a plus: ISO 27001, CISSP or CISM or other equivalent.
Maintaining current patch levels for all Splunk components including the Linux host OS patching and upgrading
Performing major version upgrades including the Linux host OS - to Splunk components as necessary
Troubleshooting and resolving Splunk issues as necessary
Coordinating any needed maintenance and upgrades with teams and regional entities as necessary
Coordinating and performing the onboarding of new data sources as necessary
Regularly reviewing Splunk usage and license compliance
Creation of new dashboards, reports or analytics
Creation of new alerts
Maintaining the security of Splunk and its related components and indexes
Performing any other Splunk related work as directed and necessary

GOOD TO HAVE CERTS
Splunk Enterprise Security Certified Admin
Splunk Certified Cybersecurity Defense Analyst

Best Regards,
Chandra

Keywords: information technology Washington |
Mon Jul 24 19:05:00 UTC 2023 |