Job Description :
Position: Splunk Security Expert

Location : West Chester, PA

Duration : 6 - 12 months

Interview Process: In-person

Visa: USC, GC, GC-EAD


Description:

This position requires operational and technical expertise in Splunk Security Information and Event Management (SIEM) and logging technology. The selected candidate will be responsible for enhancing and supporting Splunk and for supporting integration efforts associated with RSA Security Analytics. This security engineer role supports technical aspects of the company’s threat intelligence and security operations center (SOC) infrastructure.

Essential Duties and Responsibilities:

Provide design, implementation and operations process support as it pertains to Splunk
Enhance cyber threat notification and compliance reporting
Perform Splunk software upgrades and patches
Install and configure Splunk apps
Create and update run books, standard operating procedures, and incident handling first responder playbooks
Script, query and parse log data using regular expressions in Splunk
Monitor common log sources (e.g., firewalls, operating systems, databases, malware prevention, intrusion detection, and applications)
Research log source configuration settings, manufacturer recommendations, and standards (e.g., CIS and NIST)
Onboard new log sources
Perform security data analytics

Requirements:

Hands-on expertise with Splunk for security event gathering, processing, alerting, and reporting
Hands-on expertise with creating and modifying Splunk dashboards
Bachelor’s Degree in Computer Science, Information Security or equivalent system security engineering experience.
General understanding of security operations centers (SOC) or security incident first responder teams
Understanding of security event logging for common commercial software (e.g., Microsoft Windows, RedHat Linux, MS SQL, Oracle, Apache, etc.) and infrastructure (e.g., firewalls, proxies, DNS, malware detection, intrusion detection, etc.)
Ability to author highly technical documentation including runbooks, standard operating procedures, incident responder guides, and system configuration guides

Experience:

4+ years of general Information Security experience
2+ years hands-on experience administering Splunk for security and IT event monitoring


Client : QVC

             
