Job Description:
Job Title: Splunk Engineer
Location: Linthicum, MD
Duration: Long Term

Candidates must be local to the Maryland area. NO OUT-OF-STATE CANDIDATES WILL BE CONSIDERED.
US Citizens, Permanent Residents (full Green Cards), EAD on Technocraft’s Payroll.

This position requires 5+ years of experience. A Bachelor’s degree is required.

We have an immediate need for a Splunk Engineer who will:
Provide leadership for all design, implementation, and maintenance activities related to Splunk Enterprise and ITSI
Create, optimize, and continuously evaluate security monitoring content (correlated searches/alerts) on Splunk, and define and update KPIs for ITSI
Design and create new detection techniques and improve existing ones
Identify gaps in existing security capabilities. Recommend and assist in technology evaluations and implementations to close the gaps
Design and implement an Amazon AWS monitoring solution. This role will serve as the AWS subject matter expert for the monitoring team
Plan and lead large security projects and initiatives. The candidate is expected to work with all areas of Information Services, business units, and other partners on enterprise scale projects and initiatives
Be responsible for the management, advanced configuration, monitoring, log analysis, and fine-tuning of Splunk

Required Skills:
A Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline
Experience with Splunk, network security, system security, and supporting Security Information and Event Management (SIEM)
Five (5) years of experience with Splunk on premise and/or Splunk cloud (configurations, advanced configurations, implementations, upgrades, dashboarding, analytics, monitoring, alerting)
Three (3) years of hands-on experience implementing, administering, and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus
Minimum three (3) years of experience with Splunk ES or other SIEM solutions. The candidate must have experience in designing, implementing, and maintaining a fully operating SIEM solution
Knowledge of Amazon Web Services (AWS) platform capabilities, best-practice architectures, and engineering solutions within multiple Cloud accounts and services
Experience working in AWS via the CLI and management console
Three (3) years of experience in installing, configuring, and administering the Splunk Enterprise solution, Splunk Universal Forwarder, and Splunk Heavy Forwarder in a large distributed environment
Good experience in creating the Splunk app for Enterprise Security to identify and address emerging security threats through the use of continuous monitoring, alerting and analytics
Experience with rule and advanced logic creation in Splunk
Experience with using scripting languages to automate tasks and manipulate data
Knowledge of enterprise logging, including application, OS, and security technology logging

Client: Technocraft