Job Description :

DirectClient: Office of the Attorney General of Texas(OAG)
Title: Splunk Architect/Engineer
Location: OAG-CSD State Office located at 5500 E. Oltorf St, Austin, TX 78741/Telecommuting
Duration: Until 8/31/2021 with possible extension upto 8/31/2022
Last date for submission: May 28, 2021 (2.00 PM-CST)

Security Information and Event Management (SIEM) is one of the key focus solution areas within the Enterprise Information Security (EIS) division. The Security Analyst is required to work on and lead the SIEM architecture, implement and design use cases tailored to monitor and protect our hybrid data center and cloud environments as well as improve our security posture.

Ideally, we are looking for a Splunk Architect and Engineer with experience working on premise and/or in the Splunk cloud. 
This person will need to have hands-on experience with Splunk including:
•       Collaborating across the IT organization to ensure application, infrastructure, identity, and access management events are configured and monitored
•       Designing and maintaining production-quality dashboards
•       Troubleshooting Splunk server agent problems and issues
•       Mentoring and training security users and administrators
•       Serving as a Splunk escalation point for IT and Security operations

Minimum Requirements:
Years    Required/Preferred    Experience
8    Required    Experience working in Cybersecurity space.
5    Required    Experience in architectural design and implementation of Splunk SIEM solutions
5    Required    Ability to assess customer's situation, business needs, complex problems, and provide expert recommendations in the areas of Splunk knowledge management, administration, and architecture
5    Required    Hands on experience as a Splunk Administrator
5    Required    Hands-on development experience using 1 or more SIEM query languages
5    Required    Proven experience migrating and upgrading Splunk environments
5    Required    Experience in the supporting policy, procedures and practices required to deliver and maintain an effective operational SIEM solution
5    Required    Experience in implementing, managing, and/or working in a Security Operations Center
5    Required    Understanding of legislative demands and compliance requirements mitigated through SIEM
5    Required    Has leadership qualities, able to work well independently as well as a team member
5    Required    Well organized with a healthy sense of urgency, able to set, communicate, and meet aggressive deadlines with competing priorities
5    Required    Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and lead and work as part of a team
4    Required    Graduation from an accredited four-year college or university with major coursework in cybersecurity, information technology, computer engineering, computer information systems, computer science, management information systems
4    Required    Experience in the following (or closely related) fields may be substituted for the required education on a year-for-year basis: information security, information technology, or risk management
1    Required    Professional Accreditations (CISSP, CISM, Vendor Certifications, or equivalent certifications)
7    Preferred    Research and analytical background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
7    Preferred    Possess a solid understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST, PCI DSS, HIPAA, CIS Critical Controls)
5    Preferred    Experience in creating, documenting, and maintaining policies, procedures, and workflows is strongly preferred
3    Preferred    Understanding of Cloud based solutions such as AWS, Azure, and/or Google Cloud.
1    Preferred    Splunk Enterprise Certified Architect; Splunk Enterprise Security Certified Admin; Splunk Phantom Certified Admin; Splunk Cloud Certified Admin

Client : OAG


Similar Jobs you may be interested in ..