Job Title: Splunk Security Mgt Specialist
Location: Culpeper, VA
Scope of Work:
Provide expert guidance and architectural recommendations for implementation and tailoring of Splunk and Splunk Enterprise Services (ES) in a heterogeneous Unix, Windows, Network and Application environment.
Provide the same type of guidance for integrating Splunk/Splunk ES into a Security Operations Center's best practices and use cases.
Candidate must have extensive experience in the implementation of Splunk and the ES app. Experience with other toolsets such as Firepower (Snort), FireEye, EPO, etc. is a plus.
- Expert knowledge of Security Incident and Event Management (SIEM) (Expert)
- Ability to design, support and maintain Splunk/Splunk ES infrastructure in a highly available environment (Expert)
- Expert in architectural design, specification and maintenance of Splunk/Splunk ES (Expert)
- Experience tailoring data ingestion for HPUX, Solaris, RHEL and Windows systems (Expert)
- Ability to analyze security architecture from a holistic view to provide guidance to Security Operations Center (SOC) (Expert)
- Ability to validate the existing Splunk architecture and recommend best practices and improvements (Expert)
- Ability to serve as a liaison between development teams and stakeholders to understand and formulate complex security requirements (Expert)
- Familiarity with cyber toolsets such as FireEye, Firepower, Tripwire and Tanium
- Familiarity with syslog-ng event and log forwarding (Specialist)
- Familiarity with big data concepts (Specialist)