Splunk engineer

About The Position

Requirements

• Direct experience as a Splunk Engineer or Architect
• Prior experience engineering and deploying analytics and SIEM SOC solutions in a large enterprise environment (>50 servers)
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions
• Linux/Unix sysadmin experience
• Interpersonal skills - communicator, flexibile, self-driven, team player
• Strong task management skills
• General networking and security knowledge (firewalls, routing, DNS, NAT, packet trace and analysis, etc.)
• Able to demonstrate a broad exposure to various technologies - preferably in a global environment, ideally within the finance industry

Nice To Haves

• Experience with Splunk Enterprise Security (ES4) and Splunk ITSI
• Knowledge of statistical modeling for anomaly, ML and outlier detection
• Splunk enterprise architecture, integration and deployment experience
• Big data experience, including Kafka, KafkaConnect, NiFi, Storm, Grok, Parquet, Spark, HDFS.
• Knowledge of indicators of compromise (IOC) of systems and applications
• Familiarity with key security events on common platforms
• Industry certifications such as CISSP, SANS, CeH, etc.
• SDLC experience, using JIRA and GIT
• Experience authoring security policy and security best practice documentation
• Experience onboarding