Splunk Engineer

InquisIT LLC
Arlington, VA
Aug 20, 2019
Aug 23, 2019
Engineer, IT, QA Engineer
Full Time
InquisIT is looking for a Splunk Engineer to join our team. The Splunk Engineer will work as a member of the Infrastructure and Operations team and will be responsible for engineering and administration of the Enterprise Splunk implementation, analysis, creation of procedures, enhancements, and dashboards for managing and maintaining the SIEM across the hybrid environment. The Splunk Engineer will work closely with Management, Senior Engineers, Solution Architects, and the Cybersecurity group to complete high-profile, critical services for EXIM Bank.

Primary Job Responsibilities:
• Serves as the escalation point identifying potential information security incidents
• Responsible for architectural changes, tool deployments, and advanced content development
• Designs, deploys, tests, troubleshoots, and maintains the Enterprise SIEM (Splunk) Environment, including configuration issues, deployment problems, and role-based access across Windows, Linux, and cloud
• Onboard advanced data sources, create new custom parsers, and perform architecture assessments and design reviews
• Deliver advisory support and education relating to the SIEM to executives and other technology personnel
• Help define, implement, and monitor key risk indicators and key performance indicators (KRIs/KPIs)
• Review and critique system security plans, network diagrams, and other security documentation as part of vulnerability engagements
• Develop scripts to simplify data collection and other laborious tasks required throughout the onboarding of log sources
• Develop, tune, and maintain tools to automate analysis capabilities for network-based, host-based, and log-based security event analysis
• Manage project tasks, reporting, and customer meetings

Experience and Qualifications:
• 5+ years of information security engineering and operations, including security operations, incident analysis, incident handling, vulnerability management or testing, log analysis, and intrusion detection
• 2+ years supporting Splunk with 3rd party tools
• Bachelor's degree in Computer Science, Information Technology, or related degree; experience may be substituted
• Experience with onboarding and monitoring cloud environments (e.g., AWS, Azure, Rackspace, Google Cloud, 3rd Party Hosting Environments)
• Understanding of FISMA, NIST, and FICAM policies
• Understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, and the design of consistent network-wide file system layouts
• Experience with the following technologies desired: Nessus, Qualys, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP), User and Network Behavior Analytics, End Point Solutions, and third-party monitoring tools such as Solarwinds and Zabbix
• Works well both in a team environment and independently
• Excellent interpersonal and organization skills
• Excellent oral and written communication skills

Required Certifications:
• Splunk Enterprise Certified Admin or Certified Architect

Desired Certifications:
• Security+
• CISSP
• CEH
• CCSE
• CISA

InquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.