
This job has expired

Splunk Engineer

Employer: InquisIT LLC
Location: Arlington, VA
Closing date: Jul 21, 2019


InquisIT is looking for a Splunk Engineer to join our team. The Splunk Engineer will work as a member of the Infrastructure and Operations team and will be responsible for engineering and administration of the Enterprise Splunk implementation, analysis, creation of procedures, enhancements, and dashboards for managing and maintaining the SIEM across the hybrid environment. The Splunk Engineer will work closely with Management, Senior Engineers, Solution Architects, and the Cybersecurity group to complete high-profile, critical services for EXIM Bank.

Primary Job Responsibilities:

* Serves as the escalation point identifying potential information security incidents
* Responsible for architectural changes, tool deployments and advanced content development
* Designs, deploys, tests, troubleshoots, and maintains the Enterprise SIEM (Splunk) Environment including configuration issues, deployment problems, and role-based accesses across Windows, Linux, and cloud
* Onboard advanced data sources, create new custom parsers, architecture assessment, and design reviews
* Deliver advisory support and education relating to the SIEM to executives and other technology personnel
* Help define, implement and monitor key risk indicators and key performance indicators (KRIs/KPIs)
* Review and critique system security plans, network diagrams, and other security documentation as part of vulnerability engagements
* Develop scripts to simplify data collection and other laborious tasks that are necessary throughout onboarding of log sources
* Develop, tune, and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis
* Manage project tasks, reporting, and customer meetings

Experience and Qualifications:

* 5+ years of information security engineering and operations including: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection
* 2+ years supporting Splunk with 3rd party tool
* Bachelor's degree in Computer Science, Information Technology, or related degree; experience may be a substitute
* Experience with onboarding and monitoring cloud environments (e.g. AWS, Azure, Rackspace, Google Cloud, 3rd Party Hosting Environments)
* Understanding of FISMA, NIST, and FICAM policies
* Understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, the design of consistent network-wide file system layouts
* Experience with the following technologies desired: Nessus, Qualys, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP), User and Network Behavior Analytics, End Point Solutions, and third-party monitoring tools such as SolarWinds and Zabbix
* Works well both in a team environment and independently
* Excellent interpersonal and organization skills
* Excellent oral and written communication skills

Required Certifications:

* Splunk Enterprise Certified Admin or Certified Architect

Desired Certifications:

* Security+
* CISSP
* CEH
* CCSE
* CISA

InquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
