Our client, a large international Information Security Consulting organization, has asked us to find a Remote Consultant: a Senior-Level security expert to lead a major SIEM migration.
NOTE: This is a REMOTE - Work from Home Role requiring up to 20% travel to client sites.
This is a highly visible role with mission-critical responsibilities because you will play an integral part in a major multi-year SOC transformation. STRONG SPLUNK UNDERSTANDING IS CRITICAL FOR THIS ROLE.
Responsibilities of the SIEM Security Engineer:
- Architect and manage Splunk SIEM technologies
- Lead a major SIEM migration into a Splunk environment (complete data migration).
- Develop, tune, and maintain tools to automate analysis capabilities with host and log-based security event analysis
- Optimize event ingestion, reporting, and alerting
- Create signatures, rule sets, and content analysis definitions for a variety of security detection capabilities
- Manage project tasks, reporting, and customer meetings
Requirements of the SIEM Security Engineer:
- Splunk Web Framework (reports/dashboards/etc.)
- Command line and console-based troubleshooting
- Custom parser creation for events in Syslog, ODBC, and flat file formats
- Splunk App creation and scripting experience (Python)
- Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc.
- Experience supporting large scale SIEM migrations and project task management
- Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, anti-malware, anti-spam and unified threat management (UTM).
- A solid understanding of networking/distributed computing environment concepts, including principles of routing, client/server programming, and the design of consistent network-wide file system layouts.
Job Type: Full-time
- engineering: 2 years (Required)