Senior Splunk Engineer Specialist - TDI Job at MelkoTech

MelkoTech Washington, DC

Location: Remote/Washington, DC
Category: Technology
Schedule (FT/PT): Full Time
Travel Required: N/A
Shift: N/A
Potential for Telework: Yes
Referral Eligibility: N/A
Group: FedCiv

Description
We're looking for a Splunk Engineer to support a cybersecurity-focused deployment of Splunk while working side by side with other security personnel.

This position will execute the following tasks:

  • Development, deployment, or administration of Splunk.
  • Onboard Splunk Enterprise Security (ES) critical data sources - ingestion of critical data sources/data logs from the enterprise into the Security Information and Event Management (SIEM) tool to meet the Splunk ES implementation.
  • Normalize Log Data to Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts).
  • Create viewable Splunk dashboards to provide visibility into ingested log data.
  • Create alerts that trigger/activate on configured settings to deploy or send a note/email/attachments to a particular destination email or groups.
  • Create security rules (alerts) that trigger on anomalous activities or threat detections
  • Provide Splunk support assisting staff with any communication or log ingestion issues.
  • Resolve Splunk infrastructure or system issues.
  • Check virtual server availability, functionality, integrity, and efficiency
  • Manage virtual server resources including performance, capacity, availability, serviceability, and recoverability.
  • Monitor and maintain virtual server configuration.
  • Diagnose failed servers or connectivity problems.
  • Perform other official duties as assigned

Qualifications

  • Three (3) or more years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs, Identity Management systems and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco ISE, FireEye, Gigamon).
  • Three (3) or more years of IT security experience.
  • Experience with both the Linux and Windows operating systems.
  • Experience working with cloud services such as AWS, Azure and O365 and cloud access security brokers.
  • Experience in the use of network monitoring tools with a strong understanding of network protocols.
  • Ability to perform security analysis, development and implementation of security policies, standards and guidelines.

Certifications

  • Splunk Admin Certification required
  • Splunk Architect preferred

Security/Clearance Requirements

Must be a US citizen and pass a background investigation. Ability to obtain and maintain a Public Trust Security Clearance – Higher-level clearances are suitable and will be held.

Pay and Benefits
Pay and benefits are fundamental to any career decision. Our client crafts compensation packages that reflect the importance of the work being done and enable customers to achieve the true value you bring to the program and the company. Employment benefits include competitive compensation, Insurance, Health, and Wellness programs, Paid Leave, Retirement, Short-Term and Long-Term Disability insurance, 529 program access, and more. For more details, please contact your recruiter or first-line manager.

Client and Recruiter Information
Our client is an award-winning cyber-focused data science solutions and services leader working to accelerate and enable our customer's success as they work to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. Owing to the predominantly classified nature of their work, we hold back this information from public postings.
We are proud to be the primary firm providing recruiting services for this exceptional cybersecurity firm.

Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. We will also consider employment-qualified applicants with criminal histories consistent with relevant laws.

Securing Your Data
Beware of fake employment opportunities using our name. We will never ask you to provide payment-related information during any part of the employment application process nor will we ever advance money as part of the hiring process. Further, we will only communicate with you through emails generated via our primary domain, never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp or Telegram, etc. If you received an email purporting to be from us that asks for payment-related information or any other personal information, and you are concerned about its legitimacy, please make us aware immediately by reaching out to the Human Capital Manager you are working with.
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.


