Splunk Engineer

Full Time Mid Level 5+ years

Posted 1 month ago Expired

About This Role

Implement and maintain Splunk solutions, create complex queries and dashboards, and analyze logs for attack techniques to enhance security and compliance for clients.

Requirements

  • Active Secret security clearance
  • 5-7 years of experience in Computer Science, Information Technology, or a related field
  • Experience in building Splunk Technology Add-ons and configuring field extractions
  • Proficiency in SPL (Search Processing Language)
  • Experience in designing, developing, testing, troubleshooting, deploying, and maintaining Splunk solutions, reporting, alerting, and dashboards
  • Extensive knowledge of a tier Splunk installation: indexers, forwarders, search heads, clusters
  • Experience analyzing system, network, and application logs for attack techniques at all stages of the cyber kill chain
  • Strong analytical and critical thinking skills
  • Strong problem-solving skills to investigate and resolve Splunk platform and data ingestion issues
  • Knowledgeable in using scripting languages (e.g., Python)
  • Detail-oriented with a strong commitment to documenting configurations, processes, and best practices

Qualifications

  • Master's degree or equivalent combination of education in Computer Science, Information Technology, or a related field
  • 5 to 7 years of experience

Nice to Have

  • Experience with more than one enterprise-scale EDR and SIEM tool
  • Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
  • Familiarity with ServiceNow cloud offering and log ingestion to Splunk

Skills

Python * Splunk * ServiceNow * HIPAA * GDPR * SIEM * Cyber Threat Intelligence * FISMA * EDR * SOC 2 * Computer Science * Information Technology * SPL *

* Required skills

Certifications

  • CISSP (Required)
  • GCFA (Required)
  • CEH (Required)
  • GIAC GREM (Required)
  • GCTI (Required)
  • GCFR (Required)
  • Splunk Certified Cybersecurity Defense Analyst (Required)
  • Splunk Enterprise Security Certified Admin (Required)

About Edwards Management Consultants, Inc.
