Vacancy expired!
This is a potential hire after a 3-6 month contract. Please share your resume to discuss further.
Job Description
- This position will work as part of the IT Security Engineering team alongside our senior engineers in the IT Security & Compliance department to support our SIEM/SOAR infrastructure.
- You will be expected to work independently and with small groups within the established procedures to ensure critical system functionality and reliability standards are met.
- Successful candidates should be focused on delivery, prioritize data-driven decisions over opinions, be continuous learners, be passionate about information security, and love their work.
- Work location is onsite at Houston, TX 77064.
- Analyze and support senior engineers in the management and deployment of large-scale, distributed, and clustered Splunk environments
- Assist with log ingestion, aggregation, and retention strategies to meet policy and operational requirements
- Assist with onboarding new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
- Assist with reporting around SIEM and detection activities/efforts
- Assist users with search optimization
- Create operations documentation for maintaining the Splunk infrastructure
- Act as point of contact for Splunk end-users and application owners
- Troubleshoot Splunk performance issues / open support cases with Splunk
- Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence
- Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and best practices
- An associate's or bachelor's degree in computer science, cybersecurity, or related fields
- Strong analytical, critical thinking, and problem-solving skills
- Strong understanding of Windows and Linux administration utilizing Command Line Interface (CLI)
- Strong understanding of Splunk data onboarding, including Splunk App/TA configuration, CIM validation, data normalization, data modeling, and advanced search and reporting commands
- Strong understanding of fundamental basics of the Splunk infrastructure, components, system log files, and other structured and non-structured data (lookups, modular inputs, standard inputs, relationships between varying configuration files, etc.)
- Experience deploying and managing Splunk indexer clusters, search head clusters, and forwarders
- Excellent verbal and written communication skills
- Fluency in at least one scripting/coding language (Python experience is preferred)
- Fluency in parsing languages such as REGEX is preferred
- Advanced training certifications are preferred