Splunk SIEM Security Engineer III

28 Jun 2024

Vacancy expired!

This is a potential hire after a 3-6 month contract. Please share your resume to discuss further.

Job Description
  • This position will work as part of the IT Security Engineering team alongside our senior engineers in the IT Security & Compliance department to support our SIEM/SOAR infrastructure.
  • You will be expected to work independently and with small groups within the established procedures to ensure critical system functionality and reliability standards are met.
  • Successful candidates should be focused on delivery, prioritize data-driven decisions over opinions, be continuous learners, be passionate about information security, and love their work.
  • Work location is onsite at Houston, TX 77064.

Role & Responsibilities:
  • Analyze and support senior engineers in the management and deployment of large-scale, distributed, and clustered Splunk environments
  • Assist with log ingestion, aggregation, and retention strategies to meet policy and operational requirements
  • Assist with onboarding new data sources into Splunk, analyze the data for anomalies and trends, and build dashboards highlighting the key trends of the data
  • Assist with reporting around SIEM and detection activities/efforts
  • Assist users with search optimization
  • Create operations documentation for maintaining the Splunk infrastructure
  • Act as point of contact for Splunk end-users and application owners
  • Troubleshoot Splunk performance issues / open support cases with Splunk
  • Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence
  • Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and best practices

Job Requirements:
  • An associate's or bachelor's degree in computer science, cybersecurity, or related fields
  • Strong analytical, critical thinking, and problem-solving skills
  • Strong understanding of Windows and Linux administration utilizing Command Line Interface (CLI)
  • Strong understanding of Splunk data onboarding, including Splunk App/TA configuration, CIM validation, data normalization, data modeling, and advanced search and reporting commands
  • Strong understanding of the fundamentals of the Splunk infrastructure, components, system log files, and other structured and non-structured data (lookups, modular inputs, standard inputs, relationships between varying configuration files, etc.)
  • Experience deploying and managing Splunk indexer clusters, search head clusters, and forwarders
  • Excellent verbal and written communication skills
  • Fluency in at least one scripting/coding language (Python experience is preferred)
  • Fluency in parsing languages such as REGEX is preferred
  • Advanced training certifications are preferred

  • ID: #43647076
  • State: Texas Houston 77001 Houston USA
  • City: Houston
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2022-06-28
  • Deadline: 2022-08-22
  • Category: Et cetera