Splunk Engineer
Position: Splunk Engineer
Location: NYC, NY
Mode of Hire: Contract
Job Description:
- Strong understanding of cybersecurity principles, threats, vulnerabilities, and incident response protocols.
- Proficient in creating complex Splunk SPL (Search Processing Language) queries and developing advanced correlation rules.
- Experience with log and data source integration, data normalization, Splunk data models, and Splunk CIM.
- Knowledge of network protocols, infrastructure, and key security technologies (firewalls, IDS/IPS, endpoint security, etc.)
Optional Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or Cybersecurity.
- Minimum of 5 years of experience working with Splunk in a cybersecurity context.
- Splunk Power User or Splunk Enterprise Certified Admin certification is highly desired.
- Excellent problem-solving skills and the ability to work independently or as part of a team.
- Exceptionally strong communication and documentation skills, capable of effectively articulating technical information to both technical and non-technical audiences.
- Understand the MITRE framework to perform a MITRE Framework mapping for all production Use Cases.
- Develop, configure, and maintain complex Splunk search queries, reports, alerts, and dashboards to meet the specific needs of the organization.
- Collaborate with cybersecurity analysts to identify key data points and log sources for correlation to enhance threat detection and response capabilities.
- Implement advanced Splunk correlation techniques to identify and alert on any potential security incidents and vulnerabilities.