Splunk Engineer

01 Dec 2024

Vacancy expired!

Position - Splunk Engineer
Location - 100% Remote
Type - W2, 1099

JD

  • Must have 4 years of experience in Splunk
  • Must have 2 years of experience in security
  • In-depth experience and knowledge with Splunk ES
  • In-depth Splunk knowledge along with a Security Operations background
  • Experience in tuning Splunk data models
  • Experience with data normalization (CIM)
  • Ability to maintain data models and ensure data integrity
  • Ability to perform analysis on Splunk objects to identify opportunities for tuning
  • Knowledge of risk-based alerting
  • Bachelor's degree in Computer Science or related analytical field or equivalent experience
Work Description:
  • Review existing data models, with special attention to the following: Identity Management Authentication, Malware, Endpoint, Network, Traffic, Risk, Threat Intelligence, among other data models/deprecated models.
  • Provide documentation on how to update, maintain, and add new Data Models
  • Provide best practice recommendations:
      • Splunk Enterprise Security (ES)
      • Data Models Creation/Acceleration/Maintenance
      • Risk Based Alerting
      • Scaling of Correlation Searches

  • ID: #23695247
  • State: Georgia Remote 00000 Remote USA
  • City: Remote
  • Salary: USD TBD TBD
  • Job type: Contract
  • Showed: 2021-12-01
  • Deadline: 2022-01-29
  • Category: Security