Job Description :
Duties:
1. Provide leadership for all design, implementation, and maintenance activities related to Splunk Enterprise and ITSI.
2. Create, optimize, and continuously evaluate security monitoring content (correlated searches/alerts) on Splunk and define and update KPI’s for ITSI
3. Design and create new detection techniques and improve existing ones.
4. Identify gaps in existing security capabilities. Recommend and assist in technology evaluations and implementations to close the gaps.
5. Design and implement Amazon AWS monitoring solution. This role will serve as the AWS subject matter expert for the monitoring team.
6. Plan and lead large security projects and initiatives. The candidate is expected to work with all areas of Information Services, business units, and other partners on enterprise scale projects and initiatives.
7. Responsible for the management, advanced configuration, monitoring, and log analysis, and fine tuning of Splunk


Education:
1. A Bachelor''s Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.

General Experience:
1. Experience with Splunk, network security, system security, and supporting Security Information and Event Management (SIEM)
2. 5 years of experience with Splunk on-premise and/or Splunk cloud (configurations, advanced configurations, implementations, upgrades, dashboarding, analytics, monitoring, alerting,)
3. 3 years Hands-on experience implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus
4. Minimum 3 years of Splunk ES or other SIEM solutions. The candidate must have experience in designing, implementing, and maintaining a fully operating SIEM solution.
5. Knowledge of Amazon Web Services (AWS) platform capabilities and best practices architectures, and engineering solutions within multiple Cloud accounts and services
6. Experience working in AWS via the CLI and management console.

Special Qualifications:

Splunk Engineer
1. 3 years of experience in Installing, configuring & administering Splunk Enterprise solution and Splunk Universal Forwarder, Splunk Heavy Forwarder in large distributed environment.
2. Good Experience in creating the Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics.
3. Experience with rule and advanced logic creation in Splunk
4. Experience with using scripting languages to automate tasks and manipulate data
5. Knowledge of enterprise logging, including application, OS, and security technology logging

Client : Direct