SIEM Data Onboarding Engineer jobs in United States

Take2 Consulting, LLC · 12 hours ago

SIEM Data Onboarding Engineer

Take2 Consulting, LLC is seeking a Splunk Engineer responsible for managing and enhancing their Splunk environment. The role requires expertise in Splunk architecture and data onboarding to support business needs and security operations.

Consulting · Legal · Management Consulting
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Design, deploy, and manage Splunk infrastructure
Develop and maintain Splunk dashboards, queries, and alerts
Integrate Splunk with various data sources to ensure comprehensive data ingestion
Monitor and troubleshoot Splunk performance issues
Collaborate with cross-functional teams to gather requirements and provide Splunk solutions
Implement and enforce best practices for Splunk data management and retention
Provide user training and support for Splunk-related activities

Qualification

Splunk management
Splunk architecture
Data onboarding
Linux administration
Windows administration
DoD 8570 certification
Networking fundamentals
Scripting languages
Load-Balancer fundamentals
Git knowledge
Ansible knowledge
Regex skills
Communication skills

Required

2+ years of experience in managing and configuring Splunk
2+ years of experience in Splunk architecture: indexers, search heads, forwarders, deployment server
1+ year with Splunk REST API for automation and operational tasks
2+ years configuring Cribl sources, destinations, routes and collectors
2+ years building pipelines to parse, normalize, enrich, mask/dedup, and route data to Splunk and other targets
2+ years authoring/maintaining props.conf, transforms.conf, inputs.conf, outputs.conf and packaging Apps/TAs
2+ years in Linux and Windows administration: file paths, services, permissions, and log locations
1+ year with basic familiarity with Cribl Redmap/JavaScript functions
1+ year with regex skills for field extraction and event breaking
Active TS/SCI clearance; willingness to take a polygraph exam
Associate's degree and 5+ years of experience supporting IT projects and activities, OR Bachelor's degree and 3+ years of experience supporting IT projects and activities, OR Master's degree and 1+ years of experience supporting IT projects and activities, OR 10+ years of experience supporting IT projects and activities in lieu of a degree
DoD 8570 IAT Level II certification, including Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND certification
Must obtain a DoD 8570 Cyber Security Service Provider - Infrastructure Support certification, including CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND certification prior to start date

Preferred

1 year experience with DISA STIGs or other organizational hardening standards working in regulated environments
2+ years Networking fundamentals: TCP/UDP, TLS, syslog transport, firewall ports and common transport issues
2+ years in basic troubleshooting with tools such as tcpdump/wireshark, basic vi/vim usage, setfacl, SELinux
Knowledge of common log formats: syslog, Windows Event, JSON, CSV, XML
Proficient in SPL for validation, troubleshooting and basic dashboards
Experience with scripting languages such as Python, Bash, or PowerShell
Strong communication skills
Load-Balancer fundamentals
Knowledge of Git for code version control
Knowledge of Ansible playbooks
Knowledge of Python scripting

Company

Take2 Consulting, LLC

Tech evolves. Industries shift. Take2 ensures your team moves with it.

Funding

Current Stage
Late Stage

Leadership Team

Serge Khoury
Founder & Managing Partner
Company data provided by crunchbase