Vacancy expired!
Position - Splunk Engineer
Location - 100% Remote
Type - W2, 1099
JD
- Must have 4 years of experience in Splunk
- Must have 2 years of experience in security
- In-depth experience and knowledge with Splunk ES
- In-depth Splunk knowledge along with a Security Operations background
- Experience in tuning Splunk data models
- Experience with data normalization (CIM)
- Ability to maintain data models and ensure data integrity
- Ability to perform analysis on Splunk objects to identify opportunities for tuning
- Knowledge of risk-based alerting
- Bachelor's degree in Computer Science or related analytical field or equivalent experience
- Review existing data models, with special attention to the following: Identity Management Authentication, Malware, Endpoint, Network, Traffic, Risk, Threat Intelligence, among other data models/deprecated models.
- Provide documentation on how to update, maintain, and add new Data Models
- Provide best practice recommendations:
  - Splunk Enterprise Security (ES)
  - Data Models Creation/Acceleration/Maintenance
  - Risk Based Alerting
  - Scaling of Correlation Searches