Splunk Service / Cyber Security Engineer

  • Hi,
  • I am looking for Splunk Service Engineers. If you have experience in this field, are interested in this position and are looking for a new assignment, please review the following requirement and forward your Word-formatted resume along with your contact information. If you are no longer looking for a new project, but know someone who can benefit from this position, please refer them.
  • Title: Splunk Service Engineer
  • Location: Falls Church, VA 22042
  • Contract: 6+ Months
  • Description:
  • Job Responsibilities:
  • Required skills:
  • Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information & Event Management) tool
  • Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models
  • Work with the Splunk Architect/Admin to promote private KO to Global KO
  • Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support
  • Assist, train, and/or host workshops for CISO teams and analysts on Searching and Content Development
  • Develop and implement automation to improve efficiency of CISO workflows using Splunk
  • Assist in development of advanced security use cases in Splunk
  • Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
  • Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
  • Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
  • Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
  • Work with numerous stakeholders to implement & maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
  • Understanding of network protocols, operating systems, applications, and device event telemetry
  • Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organization skills.
  • Understanding of network defense tools (firewall, IPS/IDS, WAF/CDN, etc.), endpoint defense tools (EDR, anti-malware) a plus
  • Experience with SaaS- or cloud-hosted Splunk implementation a plus.
  • EXPERIENCE LEVEL:
  • Extensive experience (7+ years) in information security operations and/or related IT operational functions

 

  • EDUCATION:
  • Must possess a minimum of a Bachelor's Degree in Computer Science, Information Technology or Information Security (Master's Degree preferred).

 

  • CERTIFICATIONS: (One or more required)
  • CompTIA Security+
  • CPTE – Certified Penetration Testing Engineer or CEH – Certified Ethical Hacker
  • Certified Information System Security Professional (CISSP)

Share profiles to sree@ramsoft.net

Phone: 6088515173

 

 
