Security Architect


2019-09-04 00:30:17

Job location: Littleton, Colorado, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description


Must be on site -- Littleton, CO

Splunk Engineer SME with 5-10 years of experience as a Splunk Engineer with security focus. Extensive experience with configuring and tuning Splunk base and Splunk ES in a large enterprise environment. Solutions may be cloud-based or remote-managed on-premise solutions. Able to work with clients to maximize Splunk value and effectiveness. Experience with correlation rules for creating security alerts. Capable of leveraging Splunk capabilities in support of SOC process flows. Experience tuning Splunk for efficiencies in a high-capacity environment. The role is expected to contribute to documentation and adhere to SLA targets and requirements. The daily duties include hands-on troubleshooting, interfacing with clients and associates as needed to resolve complex cases, maintaining and patching managed security platforms. Preferred background includes Splunk architecture design, implementation, configuration and tuning.

Top Technical Skills required:
Bash and Python scripting

Provide direct technical support including:
Support security team leveraging Splunk as a security tool
Assist customers with Splunk deployments and tuning
Analyze and recommend improvements to existing Splunk environments
Tune notable alerts to meet customer needs and mission objectives
Basic troubleshooting on the full range of Fortinet products
Collection, analysis and change recommendations of configuration information
Collection and analysis of customer network information
Collection and initial analysis of packet trace information
Recommend corrective actions based on analysis
Provide customer education where needed due to gaps in networking or product knowledge
Consultation of technical documentation, bulletins and release notes for known problems
Reproduction of customer environments on lab equipment
Follow up on technical cases including proper escalation and management of the case
Manage customer communications and expectations until the closure of each case

Education and Experience:
BS preferred in computer science, information systems, or information assurance, or equivalent work experience
5-10 years of experience as Splunk Engineer with security focus
Splunk certifications strongly desired
Industry certifications such as GSEC, CISM, CISSP, etc.
Strong verbal and written English communications skills required
- provided by Dice
