What are the responsibilities and job description for the Sr. Splunk Engineer position at CARE IT Services Inc?
Benefits:
- Company parties
- Competitive salary
- Dental insurance
- Flexible schedule
Hope you are doing well.
Position: Sr. Splunk Engineer
Location: 100% REMOTE
Duration: 6 to 9 months
Visa Status: GC-EAD/GC/USC.
Job Overview:
The client is looking for a network and system administrator with deep Splunk subject matter expertise who can create ad hoc queries to identify security and IP protocols on servers and in application communications. This person should have a solid understanding of Splunk Security framework (Splunk ES and Splunk Phantom Operations) dashboards within an agile environment. These servers and applications are 80% installed on premises and 20% in Azure. The consultant must be familiar with both NTLM and Kerberos. Removing NTLM from the client environment is the goal of the project.
Experience:
- Must have 5 years as a network analyst and SIEM SME evaluating customers’ networks and security methodologies, including:
Expert-level use of Splunk platform queries to mine data across a 3000-server mixed environment, 80% Windows and 20% Linux (including RHEL)
Splunk ES and Splunk Phantom
Splunk Enterprise Security experience
Azure and Splunk in Azure experience is a plus
- Must have previous experience in network protocol analysis
Splunk query language
Identification of IP and security protocols
Solid documentation and reporting skills
Self-starter with excellent time management
- Must have previous experience in security operations, incident management, or a command center environment, including:
Development of reporting and dashboards that align with the compliance and security goals of the organization
Analyze data gathered and develop correlation of the protocol, server configuration, and identification of the corresponding application.
Establishing and documenting standards, workflows, and processes for the project
The following security certifications are recommended: CISSP, CISM, GSEC, GIAC, GPEN
- Must be able to communicate progress and results effectively with network, server, and application teams
venkatesh@careits.com
This is a remote position.