image
  • Snapboard
  • Activity
  • Reports
  • Campaign
Profile Resumebox Contact List My Jobs Send Mail
image
Welcome ,

Invite others to join Snaprecruit

Send

Share about us on social media!

Logo
Logo
Sign Up
Log in
loadingbar
Loading, Please wait..!!

Splunk Engineer Ii

  • ... Posted on: Nov 25, 2024
  • ... Lucid Technologies Inc
  • ... Eagan, Minnesota
  • ... Salary: Not Available
  • ... CTC
Save this job

Point Apply Here

Splunk Engineer Ii   

Job Title :

Splunk Engineer Ii

Job Type :

CTC

Job Location :

Eagan Minnesota United States

Remote :

No

Jobcon Logo Job Description :

Job Title: IT - Splunk Cyber Security Solutions Engineer II
Location work will be performed: NCO024 - Morrisville

Job Description: Splunk Cyber Security Solutions Engineer II
(Morrisville, NC; Falls Church, VA; Eagan, MN; remote considered)

Splunk Service Engineer is responsible for tuning and configuration of Splunk Core and Splunk Enterprise Security (ES) services, develop use cases with CISO end users to build content and assist in developing advanced security use cases. Participate in requirements gathering, solutions architecting, design and build of technology solutions to support Continuous Monitoring Program. Assist, train, and host workshops for CISO teams. Support off-hours and weekend efforts for incident investigations and systems maintenance.

Required skills:
  • Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information and Event Management) tool
  • Develop and Implement Apps and Knowledge Objects (KO) like Dashboard, Reports, Data Models
  • Work with the Splunk Architect/Admin to promote private KO to Global KO
  • Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support
  • Assist, train, and/or host workshops CISO teams and analysts on Searching and Content Development
  • Develop and implement automation to improve efficiency of CISO workflows using Splunk
  • Assist in development of advanced security use cases in Splunk
  • Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
  • Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
  • Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
  • Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
  • Work with numerous stakeholders to implement and maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
  • Understanding of network protocols, operating systems, applications, and device event telemetry
  • Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organization skills.
  • Understanding of network defense tools (firewall, IPS/IDS, WAF/CDN, etc), endpoint defense tools (EDR, anti-malware) a plus
  • Experience with SAAS- or cloud-hosted Splunk implementation a plus.
EXPERIENCE LEVEL:
operations and/or related IT operational functions
  • Extensive experience (5+ years) in information security operations and/or related IT operational functions
EDUCATION:
  • Must possess a minimum of a Bachelors Degree in Computer Science, Information Technology or Information Security (Masters Degree preferred).
CERTIFICATIONS: (One or more desired)
  • CompTIA Net+
  • CompTIA A+
  • CompTIA Security +
  • CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
Additional Provisions:
  • Pass a client mandated clearance process to include drug screening, criminal history check and credit check.
  • Once candidates resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
  • All candidates must be a US Citizen or permanent status Green Card holder.
  • Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
  • All overtime must be pre-approved in writing by the client manager or his/her designated representative.
  • Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.

Jobcon Logo Position Details

Posted:

Nov 25, 2024

Employment:

CTC

Salary:

Not Available

Snaprecruit ID:

SD-LUC-47ec2510b1f7086b4091ea57d38b6eef7d1620851a3b652f33b95600d7b4e6d1

City:

Eagan

Job Origin:

LUCID_ORGANIC_FEED

Share this job:

  • linkedin

Jobcon Logo
A job sourcing event
In Dallas Fort Worth
Aug 19, 2017 9am-6pm
All job seekers welcome!
Get your FREE tickets

Download mobile appsJust Swipe to apply for jobs. Try it out !

Apple icon

Download on the

Google icon

Download on the

Download mobile appsJust Swipe to apply for jobs.

Apple icon

Download on

Google play icon

Download on

Splunk Engineer Ii    Apply

Click on the below icons to share this job to Linkedin, Twitter!

Job Title: IT - Splunk Cyber Security Solutions Engineer II
Location work will be performed: NCO024 - Morrisville

Job Description: Splunk Cyber Security Solutions Engineer II
(Morrisville, NC; Falls Church, VA; Eagan, MN; remote considered)

Splunk Service Engineer is responsible for tuning and configuration of Splunk Core and Splunk Enterprise Security (ES) services, develop use cases with CISO end users to build content and assist in developing advanced security use cases. Participate in requirements gathering, solutions architecting, design and build of technology solutions to support Continuous Monitoring Program. Assist, train, and host workshops for CISO teams. Support off-hours and weekend efforts for incident investigations and systems maintenance.

Required skills:
  • Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information and Event Management) tool
  • Develop and Implement Apps and Knowledge Objects (KO) like Dashboard, Reports, Data Models
  • Work with the Splunk Architect/Admin to promote private KO to Global KO
  • Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support
  • Assist, train, and/or host workshops CISO teams and analysts on Searching and Content Development
  • Develop and implement automation to improve efficiency of CISO workflows using Splunk
  • Assist in development of advanced security use cases in Splunk
  • Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
  • Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
  • Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
  • Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
  • Work with numerous stakeholders to implement and maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
  • Understanding of network protocols, operating systems, applications, and device event telemetry
  • Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organization skills.
  • Understanding of network defense tools (firewall, IPS/IDS, WAF/CDN, etc), endpoint defense tools (EDR, anti-malware) a plus
  • Experience with SAAS- or cloud-hosted Splunk implementation a plus.
EXPERIENCE LEVEL:
operations and/or related IT operational functions
  • Extensive experience (5+ years) in information security operations and/or related IT operational functions
EDUCATION:
  • Must possess a minimum of a Bachelors Degree in Computer Science, Information Technology or Information Security (Masters Degree preferred).
CERTIFICATIONS: (One or more desired)
  • CompTIA Net+
  • CompTIA A+
  • CompTIA Security +
  • CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker
Additional Provisions:
  • Pass a client mandated clearance process to include drug screening, criminal history check and credit check.
  • Once candidates resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
  • All candidates must be a US Citizen or permanent status Green Card holder.
  • Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
  • All overtime must be pre-approved in writing by the client manager or his/her designated representative.
  • Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.

Loading
Please wait..!!