Overview
On Site
Depends on Experience
Contract - W2
Contract - Independent
Skills
Splunk
Security Dashboard
Threat Hunting Dashboard
XML
Cyber Risk
proxy logs
documentation
Job Details
Job Title - Splunk Developer
Location - Dallas, TX
Mandatory Skills:
- Aplus in Security Dashboard
- Splunk Developer
- Threat Hunting Dashboard
- XML
The Cyber Fusion Centre's Insider Risk Team is seeking a Splunk Developer/Consultant to fulfill operational needs associated with the investigative and research objectives of the Insider Risk Team.
The desired candidate should have a minimum of five years' experience with Splunk, possess Splunk certifications, and have knowledge of XML.
Key development objectives are:
- Development of a customized repository to house frequent queries utilized by the team.
- The repository should maintain a drop-down selector related to specific use cases and corresponding queries.
- The repository must be designed for ease of use so investigators can quickly select the appropriate use case and query.
- Development of new use cases or queries.
- Customization of existing or new queries/searches.
- The creation of a Threat Hunting Dashboard with the ability to track investigator activity to prevent duplication of effort.
- The normalization of proxy logs.
- The developer must create documentation to support long-term maintenance needs (updates, modifications, break/fix).
- The developer must be flexible, willing to accommodate changes and support any new objectives that are identified.
- As with any project-based role, the developer must attend weekly meetings, develop a project roadmap, and be prepared to provide progress reports and time estimates for task completion.