Job Description :

UCI's Direct client is located in  NY seeks Splunk Security Engineer with following qualification experience 

Job Description: Responsibilities
• Configure and maintain heterogeneous Splunk environments and in-depth knowledge of log analysis generated by various systems including security products such as LDAP Directories, Application Servers, Web servers and HTTP methodologies.
• Architecture various components within Splunk (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder, Parsing, Indexing, Searching concepts, Hot, Warm, Cold, Frozen bucketing, License model.
• Extensive experience in deploying, configuring, upgrading and administering Splunk clusters at an enterprise level.
•       Helping application teams in on-boarding Splunk and creating dashboards, alerts, and reports.
•       Develop custom app configurations (deployment-apps) within SPLUNK in order to parse, index multiple types of log format across all application environments
•       Deployment of Splunk family of software to support log retention, aggregation and analysis requirements, including: Splunk scalability, capacity planning, distributed setup, Search Head Clustering, Index Clustering and performance specifications
•       Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of Splunk
•       Integration & Onboarding Database logs with DB Connect Application and developing complex SQL Queries for that purpose.
•       Design and customize complex search queries and promote advance searching, forensics, and analytics
•       Develop dashboards, data models, reports and optimize performance
•       Develop, implement and document configuration standards, policies, and procedures for operating, managing and ensuring the security of the Splunk infrastructure
•       Participate in incident, problem, and change management process related to Splunk
•       Experience administering Access Controls to Splunk (Role based Privileges & Capabilities) using LDAP & Radius Authentication
•       Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues
•       Be well versed in Splunk technology, implementation of best practices and have a working knowledge in the variety of architectural variations of the Splunk product.
•       Experience with Splunk deployment in the cloud AWS, Azure & Oracle Cloud
•       Hands on experience with Enterprise Applications
•       Hands on experience with Security Tools such as IDS/IPS, AV, Endpoint management
•       Hands on experience with Virtualization Technology such as VMWare
•       Scripting/Programming experience with Python, Perl, PowerShell or Bash
•       Security Information Event Management (SIEM)
•       Experience working in a large corporate enterprise environment
•       5+ years of experience with deep technical expertise and strong leadership supporting enterprise level SIEM technology and logging frameworks
•       2+ years of experience deploying and operating Splunk Enterprise Security (ES)
•       Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same
•       Ability to develop, document and maintain security policies, processes, procedures, and  standards.
•       Determining security requirements by evaluating business strategies and requirements;  researching information security standards; conducting system security and vulnerability  analyses; studying architecture/platform; identifying integration issues; preparing cost  estimates.
•       Knowledge of and experience in developing and documenting security architecture and  plans, including strategic, tactical and project plans.
•       Excellent technical knowledge of mainstream operating systems and a wide range of  security technologies, such as network security appliances, identity and access  management systems, anti-malware solutions, automated policy compliance tools and  desktop security tools

 

UCI is an award winning, minority and women owned certified business with a 20-year successful track record of providing high quality information technology services to our clients and our business partners. UCI specializes in placing IT consultants with a focus on serving the Public Sector, Utilities, Transportation, Health & Human Services, and Financial Services Industries. Our Vision is to be our customers IT services provider of choice; satisfying their needs by exceeding expectations through excellence delivery while maximizing value. Our Values are the basis for our actions; they are commitments we make to our customers, employees, and partners. We strive to develop sustainable relationships based on trust, responsiveness and accountability.

             

Similar Jobs you may be interested in ..