Splunk Cyber Security Solutions Engineer @ Zolon Tech Inc. | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Splunk Cyber Security Solutions Engineer jobs in Falls Church, VA
64 applicants
company-logo

Zolon Tech Inc. ยท 6 hours ago

Splunk Cyber Security Solutions Engineer

positionFalls Church, VA
timeContract
remoteRemote
senioritySenior Level
date5+ years exp
ftfMaximize your interview chances
Software Development
check
Growth Opportunities

Insider Connection @Zolon Tech Inc.

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Splunk Service Engineer is responsible for tuning and configuration of Splunk Core and Splunk Enterprise Security (ES) services, developing use cases with CISO end users to build content and assist in developing advanced security use cases.
Participate in requirements gathering, solutions architecting, design and build of technology solutions to support Continuous Monitoring Program.
Assist, train, and host workshops for CISO teams.
Support off-hours and weekend efforts for incident investigations and systems maintenance.
Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information & Event Management) tool.
Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models.
Work with the Splunk Architect/Admin to promote private KO to Global KO.
Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support.
Assist, train, and/or host workshops CISO teams and analysts on Searching and Content Development.
Develop and implement automation to improve efficiency of CISO workflows using Splunk.
Assist in development of advanced security use cases in Splunk.
Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted).
Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting.
Work with numerous stakeholders to implement & maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
Understanding of network protocols, operating systems, applications, and device event telemetry.
Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organizational skills.
Understanding of network (firewall, IPS/IDS, WAF/CDN, etc), endpoint (EDR, anti-malware) a plus.
Experience with SAAS- or cloud-hosted Splunk implementation is a plus.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

SplunkSIEMData Lifecycle SupportRisk Based AlertingMachine LearningNetwork ProtocolsCompTIA Net+CompTIA A+CompTIA SecurityCPTECEHCloud ServicesCollaboration Skills

Required

Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information & Event Management) tool
Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models
Work with the Splunk Architect/Admin to promote private KO to Global KO
Assist, and/or train CISO Splunk Engineering team on Data Lifecycle Support
Assist, train, and/or host workshops CISO teams and analysts on Searching and Content Development
Develop and implement automation to improve efficiency of CISO workflows using Splunk
Assist in development of advanced security use cases in Splunk
Develop risk rules and risk incident rules to correlate and alert to significant cyber events.
Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression.
Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
Work with numerous stakeholders to implement & maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers.
Understanding of network protocols, operating systems, applications, and device event telemetry
Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organizational skills.
Understanding of network (firewall, IPS/IDS, WAF/CDN, etc), endpoint (EDR, anti-malware) a plus
Experience with SAAS- or cloud-hosted Splunk implementation is a plus.
Extensive experience (5+ years) in information security operations and/or related IT operational functions
Must possess a minimum of a Bachelor's Degree in Computer Science, Information Technology or Information Security

Preferred

Masters Degree preferred.
CompTIA Net+
CompTIA A+
CompTIA Security +
CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker

Company

Zolon Tech Inc.

twittertwitter
company-logo
Zolon Tech, Inc.
dateFounded in 1998
location
Hyderabad, Andhra Pradesh, IND
people-size501-1,000 employees
web-link
http://www.zolontech.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Goutham Amarneni
President
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot