Address
Form of work
Salary Job Title: IT Security SIEM Engineer
Location: New York, NY (Onsite)
Duration: 12 + Months
Direct Client
Responsibilities:
The IT Security SIEM (Splunk) Engineer will provide overall engineering, and administration in supporting a cloud based Splunk environment consisting of search heads, indexes, deployers, deployment servers, heavy/universal forwarders and Splunk apps spanning security, performance, and operational roles. The Engineer should be proficient with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlining the key trends of the data. The IT Security SIEM (Splunk) Engineer should be proficient within Linux environment, edition and the following:
" Good understanding and hands on experience of designing business solutions using Splunk
" Ability to Design, develop, and maintain complex Splunk queries and dashboards intended for technical and executive audiences
" High level experience with dashboards, reports, alerts and managing knowledge objects
" Knowledge of enterprise logging, including application, web, database, and security logging
" Strong interpersonal, communication, and presentation skills
" Advanced experience with Splunk data analytics, data visualization, reporting capabilities
" Ability to work self–sufficiently on assigned tasks
" Responsible for identifying and onboarding of log sources to help with monitoring, detection, and response
" Work with stakeholders to develop requirements and deliverables
Q u alifi c a t i o n s a n d D e s ire d S k il l s :
" Knowledge of Incident Response Procedures
" Knowledge of Packet Analysis
" Knowledge of IDS/IPS solutions and various Host–Based Tools
" Experience with Log Aggregation Tools
" Knowledge of patterns in network and system activity via log correlation using
Splunk and supplemental tools
" Verbal and written communication ability
" Splunk Certified to include but not limited to Splunk Enterprise Certified Admin,
" Splunk Cloud Certified Admin, Splunk Enterprise Certified Architect
" CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE
Benefits:
$68.00 – $78.00 DOE
W2/C2C both will work.
Onsite Role
