• Provide strategic support for Splunk integration, deployment, configuration, and maintenance
• Interpret and develop content for SIEM products to meet internal and external customer requirements
• Coordinate with other organizations (TMC/Incident Responders, Operations, Management) and assist with advanced issue resolution across the enterprise
• Maintain the proper operation and performance of Splunk Forwarders, and clustered Indexers and Search Heads
• Develop filters to assist in the identification of significant events
• Provide recommendations and implement changes to optimize Splunk products in the customer environment
• Write and develop custom scripts and programs as needed
What Are We Looking For in This Role?
• Bachelor’s Degree in Information Systems, Security, Engineering, or other related scientific or technical discipline.
• 8 years overall IT experience
• 6+ years of experience with design, configuration, and support of Splunk 6.x and/or other security technologies
• Certified Splunk Architect or Consultant preferred
• Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, Ruby, PowerShell, Perl, etc.
• Experience with interpreting requirements and implementing Use-Cases
• Strong analytical and creative problem-solving skills
• Technical writing of Installation/Deployment Procedures and requirements documentation
• Fluency in oral and written English language communication
Skills / Knowledge
• Experience developing enterprise strategic implementation of Splunk deployments.
• Basic understanding of Information Security with relevant work experience and/or relevant education/certifications.
• Implementation/support of ArcSight and/or Splunk
• Supervision - Acts independently to determine methods and procedures on new or special assignments. May supervise the activities of others.
• Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs
• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.