NOTE: THIS POSITION IS TO JOIN AS W2 ONLY.
Splunk Cybersecurity Engineer
Location: Silver Springs, MD (REMOTE)
Duration: 5 Months
About Role: The security engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. The ideal candidate will be responsible for the design, implementation, and management of Splunk infrastructure, ensuring high performance, availability, and scalability. This role will require deep technical expertise in Splunk as well as the ability to work collaboratively with other teams to integrate Splunk into various IT and security systems.
As security engineer, ideal candidate is expected to:
- Plan, design, engineer and implement security-related technologies
- Identify and communicate opportunities to enhance the security posture of Client
- Build and / or manage enterprise security platforms effectively (mainly Splunk and SOAR)
- Communicate effectively across all levels of management to articulate WBD security goals and vision.
- Build and / or manage enterprise security platforms effectively
Splunk Focused Responsibilities:
- Design and Architecture:Lead the design, deployment, and maintenance of Splunk infrastructure across multiple environments Develop and implement best practices for scaling and optimizing
- Splunk deployments. Architect complex Splunk solutions tailored to the organization’s needs, ensuring data integrity and optimal performance.
- Data Ingestion and Management:Integrate and ingest data from various sources (applications, network devices, security tools) into Splunk, ensuring data normalization and enrichment. Create and manage data models, field extractions, lookups, and accelerations.
- Dashboard and Alerting:Design, develop, and maintain custom dashboards, reports, and alerts for different stakeholders (IT, Security, Compliance). Implement real-time monitoring and alerting solutions to detect and respond to critical incidents.
- Security and Compliance:Work closely with the Security Operations Center (SOC) to support security monitoring, threat detection, and incident response efforts. Ensure Splunk deployments meet compliance requirements and are aligned with industry standards (e.g., PCI, HIPAA, GDPR).
- Collaboration and Support:Collaborate with cross-functional teams (developers, network engineers, security analysts) to ensure seamless integration of Splunk with other systems. Provide mentoring and training to junior Splunk engineers and other IT staff. Troubleshoot and resolve complex Splunk-related issues, ensuring minimal downtime and service disruption.
- Automation and Scripting:Develop scripts and automation tools to streamline Splunk administration, data ingestion, and reporting tasks. Utilize Splunk’s REST API for advanced integrations and custom solutions.
- Documentation and Reporting:Maintain detailed documentation of Splunk architecture, configurations, processes, and procedures. Generate periodic reports on Splunk performance, usage, and incidents for management review.
Candidate Requirements:
- A minimum of 5+ years of hands-on experience in building, designing, and maintaining enterprise security tools such as SIEM and SOAR.
- Minimum of 5 years of experience working with Splunk in a large-scale environment.
- Proven experience in designing and managing Splunk Enterprise, and Splunk Cloud
- 5+ years of successfully implementing advanced cyber security technology in a complex environment
- Bachelor's degree in computer science, engineering, or other related discipline or 5+ years of previous technical security experience
- Strong knowledge of Splunk SPL (Search Processing Language) and regular expressions
- Experience with cloud platforms (AWS, Azure, GCP) and their integration with Splunk.
- Hands on technical experience with networking and computing system architectures, specifically, the security aspects thereof.
- Hands on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews.
- Must have 5+ scripting experience (using Python or other equivalent languages)
Nice-to-Haves:
- Security and Cloud certifications are a plus. (CISSP, etc.)
- Splunk Advance certification (Splunk Cloud Certified Admin, Enterprise Certified Admin, Enterprise Certified Architect, etc.) is a plus.
- MXDR experience
- QR experience
See more jobs at Loginsoft Consulting LLC
Apply for this job