Splunk Cyber Security Engineer - Generous Compensation

Position: Sr. Splunk Cyber Security Engineer
Location: Washington, DC #Remote (May require coming to office as needed)
Contract to Hire (Full Time)

Job Description:

• As a Senior Splunk Engineer within our Security Operations Engineering team, you will play a pivotal role in orchestrating the full spectrum of Splunk and Palo Alto xSOAR platform capabilities to enhance our security and operational frameworks.
• 5 years of robust, hands-on experience in Splunk and xSOAR technologies, this role demands proficiency in the end-to-end management of security detections.
• We are looking for a technical engineer to help maintain and support primary Splunk Cloud, Splunk Enterprise Security and Cortex xSOAR.
• Need someone with a demonstrated experience with tool suites that is resourceful in learning a complex and dynamically changing network.
• Must be a self-starter, able to work independently, and able to manage time effectively.

Your Role Responsibilities:

• Data Onboarding and Index Management: Spearhead the onboarding of diverse data sources, configuring indexes effectively to ensure efficient data ingestion, storage, and retrieval.
• This includes meticulous planning and execution to accommodate growing data volumes while maintaining system performance.
• Advanced Query Development: Craft and execute advanced SPL queries for in-depth log analysis, trend monitoring, and security incident investigation.
• Design and configure sophisticated triggers and alerts to automate monitoring and response to emerging threats and anomalies.
• To include integrations with xSOAR for event management.
• Performance Benchmarking: Define, design, and implement rigorous performance, scalability, and reliability benchmarks for both Splunk Enterprise and Cloud products, ensuring our Splunk ecosystem is optimized for high performance and reliability.
• Security Platform Expertise: Utilize Splunk as the primary platform for our security operations, incorporating key features such as Enterprise Security and SOAR to advance our threat detection, investigation, and response capabilities.
• Design, implement, standardize, and maintain efficient and reusable Python.
• Education: Bachelor's Degree (Computer Science, Information Technology, or related field)
• 5 years of professional experience Cybersecurity, NOC/SOC environments, and IT (Information Technology) Services environment, providing incident response.
• Demonstrated experience with Splunk and xSOAR tool suites, with an emphasis on Palo Alto Cortex SOAR
• Security Platform Expertise: Utilize Splunk as the primary platform for our security operations, incorporating key features such as Enterprise Security and SOAR to advance our threat detection, investigation, and response capabilities.
• Strong understanding of CSOC (Cyber Security Operations Center) workflows.
• Ability to communicate effectively with all levels of an organization from engineering, operations, and management.
• Strong Python, and PowerShell experience.
• Experience working in or with security functions such as SOC (Security Operations Center), CIRT, security engineering, risk management, and vulnerability management.
• Ability to multi-task and prioritize work effectively.
• A track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Demonstrated exceptional written and verbal communication skills.
• Excellent interpersonal skills and the ability to work effectively with people on a wide range of levels.
• Demonstrated experience endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.

Bonus:

• Writing regex expression (RegEx) experience.
• Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
• Experience deploying and correlating threat intelligence and vulnerability management solutions.
• Good understanding of Agile methodology
• Windows/Linux experience
• Ability to perform risk assessments and investigate cyber security incidents. , Advanced
• Ability to understand vulnerabilities at a technical level., Advanced
• Knowledge of hardware and software, networks, data centers, systems, and cyber security related issues. , Advanced
• Proficient in ethical hacking techniques., Proficient
• Strong critical thinking ability and investigative/problem solving skills., Advanced

Licenses/Certifications:

• CISSP Certified Information Systems Security Professional Upon Hire Req or
• CISM - Certified Information Security Manager Upon Hire Req or
• Certified Ethical Hacker (CEH) Upon Hire Req or
• Certified Information Systems Auditor (CISA) Upon Hire Req

ESSENTIAL FUNCTIONS:

• 20% Assists with day-to-day support of security solutions.
• 20% Assists with engineering support and system administration of specialized cybersecurity solutions.
• 15% Solves complex problems and answers routine questions about the installation, operation, configuration, and customization of cybersecurity software.
• 15% Identifies potential conflicts with the implementation of any cybersecurity solutions.
• 10% Answers routine questions about the installation, operation, configuration, and customization of cybersecurity solutions.
• 10% Reviews and analyzes appropriate cybersecurity solution system logs for performance and functional anomalies.
• 10% Works with system design architects and project managers to provide security requirements.

Thanks & Regards,
--
LAXMAN
KMM Technologies, Inc.
Tel: (240) 800-0039 |Email: [email protected]