Blog

Sr. Splunk Engineer |Remote|

Hi,

Hope you are doing well

I do have a position from one of our client. Below is the job description, let me know if you are interested.

Job title:– Sr. Splunk Engineer

Location:- Remote

End-Client:-  Shambliss Guardian (Working with Prime Vendor)

Job Description:-

Job Overview:

 Client Is looking for a network and system administrator with deep Splunk subject matter expertise who can create ad hoc queries to identify security and IP protocols on servers and in application communications. This person should have a solid understanding of Spunk Security framework (Spunk ES and Splunk Phantom Operations) dashboards within an agile environment. These servers and applications are 80% installed on premise and 20% Azure. Consultant must be familiar with both NTLM and Kerberos. Removing NTLM from the client environment is the goal of the project.

 Key Responsibilities:

 1.    Must have 5 yrs network analyst and SIEM SME evaluating customers’ networks and security methodologies including:

  • Sniffer or other traffic analysis tools to identify network and security protocols
  • Expert level use of Splunk platform query to mine data across a 3000+ server mixed 80% Windows and 20% Linux (including RHEL)
  • Splunk ES and Spunk Phantom
  • Splunk Enterprise Security experience
  • Azure and Splunk in Azure experience is a plus

 2.    Must have previous experience

  • Network protocol analysis
  • Splunk query language
  • Identification of IP and security protocols
  • Solid documentation and reporting skills
  • Self-starter with excellent time management

 3.    Must have previous experience in security operations, incident management, or command center environment such including:

  • Breaking down, Integrating various log and data sources into SIEM
  • Development of reporting and dashboard that align with the compliance and security goals of the organization
  • Analyze data gathered and develop correlation of the protocol, server configuration, and identification of the corresponding application.
  • Establishing and documenting standards, workflows, and processes for the project
  • The following are security certification are recommended: CISSP, CISM, GSEC, GIAC, GPEN

4.    Must be able to communicate progress and result effectively with network, server, and application teams

 
 

click here

0 0 votes
Article Rating
Subscribe
Notify of
guest


0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments