Title: Splunk Operations & Integrations Specialist
Location: Greenwood Village, CO
This is an onsite position, so candidates outside Greenwood Village, Colorado are not being considered.
Education: Bachelor's required.
The Splunk Operations & Integrations Specialist is responsible for building, operating, integrating, onboarding, and developing content within the company's Splunk platform. The position requires the individual to be highly knowledgeable in a number of security technologies, have a solid understanding of information security and networking, and have comprehensive experience interacting with customers.
The successful candidate will be able to engage on tasks independently, document and communicate their work efforts to a Scrum-based project team, and provide expert-level technical support and Splunk development on an enterprise scale.
• Bachelor’s degree and/or eight (8) years’ experience in progressive Cyber Security positions.
• Minimum 4+ years of experience with Splunk.
• Splunk Enterprise Certified Architect or Splunk Enterprise Security Certified Admin.
• 4+ Years creating threat detection use cases within Splunk Enterprise or Splunk Enterprise Security.
• 2+ years of network security and system security experience, supporting security event management tools (SIEMs).
• Experience developing automation using Python and Java.
• Thorough understanding and administrative knowledge of large-scale Linux/Unix deployments.
• Excellent understanding of enterprise logging, with a focus on application logging.
• Excellent understanding of regular expressions.
• Infrastructure management and support experience.
• System administration experience in a Windows and Unix environment.
• Experience in using scripting languages to automate tasks and manipulate data. Programming experience is a plus.
• Experience working in a large enterprise environment.
• Experience integrating solutions in a multi-vendor environment.
Top 3-5 Required Skills:
1. Splunk Knowledge Manager / Splunk Administration
2. Linux OS – design, development, operations
** full-time employed Splunk engineers (versus career contractors)
** Advanced Splunk certification and experience managing and/or developing in an ENTERPRISE-size Splunk environment
Other required skills:
• Ability to communicate clearly to technical and business audiences
• Be well organized with a healthy sense of urgency, and able to set, communicate, and meet aggressive deadlines and milestones
• Self-motivate, learn quickly and deliver results with minimal supervision
• Quickly understand and interpret customer problems and navigate through complex organizations
• Represent the group in a friendly, courteous, and professional manner.
1. User Education
2. Project planning & task tracking
Top 3-5 Daily Responsibilities:
1. Splunk data acquisition, onboarding, and knowledge management
2. Linux system administration, operations & automation
3. Splunk operational monitoring.
• Responsible for developing advanced threat detection models & correlation searches in an enterprise class Splunk environment.
• Manage Splunk and related hardware infrastructure. Oversee production support.
• Design Splunk system to meet growth while maintaining balance between performance/stability and agility
• Develops advanced scripts for manipulation of multiple data repositories to support analyst requirements
• Manage customer expectations, onboard internal customers onto Splunk, and support their projects in multi-tenant Splunk installations
• Develops advanced reports, dashboards or alerts to meet the requirements of critical initiatives
• Develops scalable security management tools and processes
• Develops automation for security tools management
• Create customized searches and applications using programming/development skills such as Java, Python, shell scripting, regular expressions, etc.
• Automate deployment, integration and testing of enterprise system and services.
• Individual will also assist with threat response playbook orchestration and development and have significant technical experience within Cyber Security domains.