Overview
Skills
Job Details
Anticipated Dates of Performance: 8/4/2025 7/31/2026 Hours / Shift: Normal Business Days/Hours: Monday Friday (9:00am - 5:00pm includes one-hour unpaid lunch) - 35 hours work week. Location where services will be provided: NYC Children, 110 William Street, New York, NY 10038************ Scope of WorkThe IT Security SIEM (Splunk) Engineer will provide overall engineering, and administration in supporting a cloud based Splunk environment consisting of search heads, indexes, deployers, deployment servers, heavy/universal forwarders and Splunk apps spanning security, performance, and operational roles. The Engineer should be proficient with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The IT Security SIEM (Splunk) Engineer should be proficient within Linux environment, edition and the following: Good understanding and hands on experience of designing business solutions using Splunk Ability to Design, develop, and maintain complex Splunk queries and dashboards intended for technical and executive audiences High level experience with dashboards, reports, alerts and managing knowledge objects Knowledge of enterprise logging, including application, web, database, and security logging Strong interpersonal, communication, and presentation skills Advanced experience with Splunk data analytics, data visualization, reporting capabilities Ability to work self-sufficiently on assigned tasks Responsible for identifying and onboarding of log sources to help with monitoring, detection, and response Work with stakeholders to develop requirements and deliverables Qualifications and Desired Skills:Knowledge of Incident Response Procedures Knowledge of Packet Analysis Knowledge of IDS/IPS solutions and various Host-Based Tools Experience with Log Aggregation Tools Knowledge of patterns in network and system activity via log correlation using Splunk and supplemental tools Verbal and written communication ability Splunk Certified to include but not limited to Splunk Enterprise Certified Admin, Splunk Cloud Certified Admin, Splunk Enterprise Certified Architect CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE ECCO Select is committed to hiring and retaining a diverse workforce. Our policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Veterans of our United States Uniformed Services are specifically encouraged to apply for ECCO Select opportunities. Equal Employment Opportunity is The Law This Organization Participates in E-Verify |