GBIT (Global Bridge InfoTech Inc) · 10 hours ago
Information Security Engineer (W2 Only)
Analytics · Consulting
Growth Opportunities · No H1B
Responsibilities
The SOC and Security Engineering teams are seeking an experienced professional to assist with supporting Splunk Enterprise Security (ES) and infrastructure management.
This role will be instrumental in accelerating the onboarding of new log sources and optimizing the use of Splunk’s built-in ES capabilities.
Normalizing and mapping ingested data to Splunk and industry-standard Common Information Models (CIM).
Enhancing threat detection capabilities by aligning data with best practices and leveraging Splunk’s advanced security features.
Ensuring seamless integration of diverse log sources to enrich the security ecosystem and improve organizational readiness for emerging threats.
Strengthening infrastructure resilience and enabling robust monitoring to ensure high availability and performance of Splunk environments.
Migrate logging pipelines from Cribl to Observo
Design, build, and optimize a security data lake, enabling scalable data ingestion, storage, and analysis to enhance threat detection and incident response capabilities
This role will play a critical part in enabling the team to fully utilize Splunk ES for more robust and proactive security operations. In recent quarters, we have made significant progress in enhancing our Splunk capabilities and aim to build on this momentum to maximize its potential.
Hands-on experience with Splunk Enterprise Security
Splunk platform design experience for large-scale and distributed deployments
Establishes best practices and development standards, and ensures that the team adopts them
Maintains a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment
Improve Splunk search and indexing performance
Develop and customize Splunk apps and dashboards
Implement integration with external systems
Builds advanced visualizations
Implements and maintains Splunk platform infrastructure and configuration
Undertakes day-to-day operational and user support
Executes new projects as well as data and user onboarding
Promotes advanced searching, forensics, analytics
Effects creative solutions to complex problems
Staffs help desk for search-related assistance
Manages data onboarding and defining configurations
Performs data interpretation, classification, and enrichment
Builds data models
Manages knowledge objects (field extractions, tags, event types, lookups, aliases, macros, and so on)
Configures summary-based reports and data model acceleration
Qualification
Required
Infrastructure As Code (IaC)
Splunk Administration
Splunk Enterprise Security
Preferred
Cribl
Observo
Company
GBIT (Global Bridge InfoTech Inc)
Global Bridge InfoTech (GBIT) stands as a leader in NXT-GEN IT solutions, offering unmatched expertise in IT consulting, system integration, and Remote Infrastructure Managed Services (RIMS) across industries.