Splunk Engineer (Remote)

NOTE: THIS POSITION IS TO JOIN AS W2 ONLY.

Splunk Engineer / Information Systems Analyst

Location: Silver Springs, MD (Remote)

Duration: 6 Months

Project

The Security Tools Engineer administers, monitors, and maintains security infrastructure, which includes but is not limited to application and container security tools, security orchestration solutions, security information and event monitoring (SIEM), Network Security Tools, system logging and analysis, endpoint security tools, and vulnerability management systems. The position also assists in implementing and maintaining corporate security standards, technologies, and programs.

The Security Operations Engineer plays a key role in the information security team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. Ideal candidates will have a mix of security and systems engineering backgrounds to ensure that business processes are configured correctly and that security best practices are designed and implemented. Candidates will also possess exemplary communication skills to articulate and disseminate security policy to the business.

Job Responsibilities:

• Build and maintain complex technical infrastructure that supports a secure platform that protects our data at rest and in transit.
• Work closely with Enterprise and business owners to identify endpoint coverage scope, strong analytical skills related to working with operating systems and security toolsets.
• Provide technical guidance on industry tools and best practices in the field of endpoint security.
• Monitor and maintain security tools that instrument security policies and capabilities.
• Provide expertise in the field of managing enterprise security systems, specifically the ability to determine the least business impactful way of implementing security tools and features.
• Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
• Administration of system infrastructure that is hosted within a public/private/hybrid infrastructure.
• Remain current with new security trends, continuously assessing systems to ensure they are appropriately configured to defend the business.
• Experience in deploying and correlating threat intelligence and vulnerability management solutions.
• Provide expertise in day-to-day security operations such as onboarding/offboarding of security endpoint agents, user access management, systems’ security and administration, configuration
• changes, system upgrades, ensuring 24x7 systems availability & DR, etc.
• Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.

Technology requirements:

• Expert level of expertise with 5+ years of experience dealing with
• Cloud infrastructure (AWS preferred) - EC2, ECS, Route53, SNS, Lambda, Cloudwatch, Secrets Manager, RDS, etc..
• Splunk Frontend and backend
• Linux System level of experience

Must Have Skills:

• Skill: Splunk Frontend and Backend Experience
• Application: Report, dashboarding, queries.
• Skill: Linux (System Admin Level)
• Application: Scripting, patching, updating, troubleshooting.
• Skill: AWS (Admin Level Experience)
• Application: Troubleshooting in the area, storage, VMs, logging, patching, upgrade, etc.

Nice to Have Skills:

• Cyber-Security experience.
• Media or entertainment experience.
• Extensive experience with configuration management tools, such as Ansible or Chef and infrastructure as code tools such as Terraform or CloudFormation.
• Experience with scripting languages such as Python or Go
• Experience in administering SIEM solutions in an enterprise environment including configuring and customizing log data ingestion.
• Extensive experience in Splunk and related SIEM and SOAR technologies (Cribl, Demisto).
• Experience building Docker containers.
• SPLUNK Admin cert.
• AWS certs.