Responsibilities:
• Development, deployment, or administration of Splunk.
• Onboard Splunk ES critical data sources - ingest critical data sources/data logs from the enterprise into the Security Information and Event Management (SIEM) tool to support the Splunk Enterprise Security (ES) implementation.
• Normalize Log Data to Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts).
• Create viewable Splunk dashboards to provide visibility into ingested log data.
• Create alerts that trigger on configured conditions and send a note, email, or attachment to a particular destination email address or group.
• Create security rules (alerts) that trigger on anomalous activities or threat detections.
• Splunk Support - assist customers with log ingestion that is not working properly or with communication issues with Splunk.
• Resolve Splunk infrastructure or system issues.
• Check virtual server availability, functionality, integrity, and efficiency.
• Monitor and maintain virtual server configuration.
• Diagnose failed servers or connectivity problems.
Qualifications:
• Completed Bachelor’s degree from an accredited university is required, preferably in an IT related field.
• Minimum of 5 to 7 years of experience related to the qualifications above, including work with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Arista, ISE, FireEye, Gigamon).
• Strong experience with the development, deployment and administration of Splunk along with Security Information and Event Management tools.
• Experience working with cloud services such as AWS, Azure and M365 and cloud access security brokers.
• Experience in the use of network monitoring tools with a strong understanding of network protocols.
• Ability to perform security analysis, development and implementation of security policies, standards, and guidelines.
• Ability to quickly explore, examine and understand complex security problems and how they affect a customer’s business.
• Experience with both the Linux and Windows operating systems.
• Experience with SOAR and Firewall platforms from Palo Alto Networks.