Cyber Security Manager (Splunk)

A$ A' "A' ?Cyber Security Manager (Splunk) (Remote)Full Time (Permanent)Owings Mills, MD (Remote) Description:Develops and implements security solutions. Administers security technology systems by architecting and engineering/developing trusted systems into secure systems.Licenses/Certifications:Splunk Certified Developer (Not Mandatory)Splunk Enterprise Security Certified Admin (Not Mandatory)CISSP Certified Information Systems Security Professional Upon Hire Required OR Certified Ethical Hacker (CEH) Upon Hire Required OR CompTIA Security+ Certification Required OR CompTIA Network+ Certification requiredExperience: 10 years relevant IT security experienceResponsible for creating Splunk ES (Enterprise Security) Security Information and Event Management (SIEM) content to monitor and detect potential threats to the enterprise.Responsible for SIEM content management, content creation, rule tuning, reporting and alert creation.Integration of signals and telemtry from various security tools including COTS and Cloud-native (AWS, GCP, Azure).Work with Splunk engineers to onboard and normalize new data sources ensuring CIM compliance.Significant experience with threat detection and threat hunting workflows.Significant experience with Incident Response procedures.Significant experience in security data analytics.Significant experience with data models - existing Splunk data models as well as, creation and tuning of data models from the ground up.Experience with Splunk Machine Learning Toolkit (MLTK).Will work closely with the CyberSecurity Monitoring and Automation teams to develop requirements and implement detections.Develop complex dashboards and visualizations.Experience with a variety of scripting languages such as CSS, HTML, JavaScript, Python, PowerShell and shell scripting to automate tasks and manipulate data.