Demo
Salary Resume Critique Job Openings

Sr. Splunk Enterprise Security App Dev/Administrator (Remote)

ITmPowered, LLC
Seattle, WA Remote Full Time
POSTED ON 1/27/2025
AVAILABLE BEFORE 4/22/2025

Sr. Splunk Enterprise Security App Dev / Administrator (Remote) - ITmPowered

Sr. Splunk Enterprise Security Developer Administrator will develop, create, integrate, and administer a highly advanced Splunk Security application (eSAR) developed internally to detect improper access to protected data by employees and malicious user activity. Develop Splunk Apps and add-ons in support of Security Access cyber threat monitoring, threat management and data compliance across numerous business critical enterprise applications. Develop advanced Splunk ES Application functionality. Work with Splunk Developers using Agile development and administration using Agile project management methodologies. Work with the Splunk Engineering team, and support Splunk development, data integrations, and application administration using Agile methodologies. Splunk Enterprise Certified Architect OR Splunk Certified Developer required. Splunk Core Certified Consultant Preferred.

RESPONSIBILITIES :

  • Administering Splunk and Splunk App for Enterprise Security (ES) log management, ingestion, normalization.
  • Advanced Splunk analytics and the development and administration of custom Splunk applications.
  • Splunk data integrations with business-critical enterprise applications and systems.
  • Translating feedback from the business to Splunk technical requirement and solutions.
  • Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, content using Python, Splunk SPL, Splunk SimpleXML (OR JavaScript, CSS), Bash.
  • Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
  • Leverage Modular design to onboard access / security logging applications and include in incident scoring.
  • Onboard access logging applications via modular design
  • Develop Splunk Risk scoring based on compliance conditions to determine suspicious access events.
  • Develop custom risk scoring to weed out white noise and only show actionable incidents to SOC Analysts.
  • Develop Dashboards for Security Analysts with detailed drill down capability for incident response.
  • Develop triage workflows for analysts to assign and track ongoing investigations.
  • Develop summary indexing enrichment of access events with IAM data, Application data, Break-the-Glass logs.
  • Aggregate access event data for specific criteria.
  • Enable fast searching across fully enriched access events over long periods of time.
  • Develop Break-the-Glass correlations in Splunk for contextual user access / app data mapping & monitoring.

Skills and experience :

  • Active Splunk Enterprise Certified Architect or Splunk Certified Developer - Required at a minimum.
  • Splunk Core Certified Consultant - strongly preferred.

    • Required Experience : In addition to active Splunk certification(s), must also have experience with the following :

  • Python development - Proficiency in Python programming language
  • Splunk SimpleXML or web development (JavaScript, CSS)
  • Splunk app & add-on development
  • Splunk data modeling
  • Strong experience in Splunk development, building dashboards, reports and lookup tables.
  • Programming experience (Python and Splunk SimpleXML OR JavaScript, CSS)
  • Working knowledge of Splunk including SPL, indexers, forwarders, search heads
  • Experience in OOAD, agile processes, design patterns
  • Expertise in large scale cyber security data analytics, identifying data-driven threat collection opportunities.
  • Prior Information security analysis experience in a Cyber Security Operations Center (CSOC)

    • Soft skills

  • Ability to collaborate with others, leveraging many project approaches (Agile / Scrum, Waterfall, Gantt Charts)
  • Comfortable working remotely with team members around the country. Self-starter with intellectual curiosity

    • LOGISTICS :

  • Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.
  • Contract role through end of the year with potential for extension and / or conversion to perm.
  • COVID-19 Vaccine and Booster Required - OR must provide valid medical exemption from doctor in advance.
  • Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.
  • You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.
  • W2 only - No sub vendors. Sponsorship NOT available.
  • Must have direct contact information on resume (phone / email) to be considered.

    • If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Sr. Splunk Enterprise Security App Dev/Administrator (Remote)?

    Sign up to receive alerts about other jobs on the Sr. Splunk Enterprise Security App Dev/Administrator (Remote) career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $117,024 - $149,811
    Income Estimation: 
    $137,568 - $176,908
    Income Estimation: 
    $144,503 - $184,592
    Income Estimation: 
    $150,756 - $194,140
    Income Estimation: 
    $172,191 - $221,861
    Income Estimation: 
    $114,549 - $164,025
    Income Estimation: 
    $153,752 - $200,235
    Income Estimation: 
    $101,441 - $130,752
    Income Estimation: 
    $111,369 - $141,168
    Income Estimation: 
    $117,871 - $153,580
    Income Estimation: 
    $109,939 - $144,341
    Income Estimation: 
    $114,500 - $144,633
    Income Estimation: 
    $120,936 - $155,014
    Income Estimation: 
    $131,745 - $167,716
    Income Estimation: 
    $144,503 - $184,592
    Income Estimation: 
    $102,541 - $137,871
    Income Estimation: 
    $153,752 - $200,235
    Income Estimation: 
    $117,871 - $153,580
    Income Estimation: 
    $131,745 - $167,716
    Income Estimation: 
    $144,503 - $184,592
    Income Estimation: 
    $102,541 - $137,871
    Income Estimation: 
    $153,752 - $200,235
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at ITmPowered, LLC

    Sr. IT Auditor Consultant, Hospital Medical Device IT Controls
    ITmPowered, LLC
    Hired Organization Address Denver, CO Full Time
    Sr. IT Auditor Consultant, Hospital Medical Device IT Controls Be on the frontlines of Technology Risk in the emerging a...
    Network Security Firewall Engineer - IoT
    ITmPowered, LLC
    Hired Organization Address Denver, CO Full Time
    Network Security Firewall Engineer - IoT - ITmPowered The Network Security Firewall Engineer focuses on firewall solutio...
    Sr. Web Platform Engineer - F5, NGINX
    ITmPowered, LLC
    Hired Organization Address Seattle, WA Full Time
    Sr. Web Platform Engineer - F5, NGINX Sr. Web Platform Engineer will work as a part of the enterprise digital platform d...
    Tableau Developer Data Engineer
    ITmPowered, LLC
    Hired Organization Address Denver, CO Full Time
    Tableau BI Engineer - ITmPowered Tableau Engineer will design, develop, and deliver high performance Tableau dashboards,...
    View More Jobs at ITmPowered, LLC

    Not the job you're looking for? Here are some other Sr. Splunk Enterprise Security App Dev/Administrator (Remote) jobs in the Seattle, WA area that may be a better fit.

    Sr. Product Manager, Data Platform

    Splunk, Seattle, WA

    Director of Product Management - APM, Splunk Observability

    Splunk, Seattle, WA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!