Splunk Developer

Overview

On Site
Depends on Experience
Contract - W2
Contract - Independent

Skills

Splunk
Security Dashboard
Threat Hunting Dashboard
XML
Cyber Risk
proxy logs
documentation

Job Details

Job Title - Splunk Developer
Location - Dallas, TX

Mandatory Skills:

  • Aplus in Security Dashboard
  • Splunk Developer
  • Threat Hunting Dashboard
  • XML

Cyber Fusion Centres Insider Risk Team is seeking a Splunk Developer/Consultant to fulfill operational needs associated with the investigative and research objectives of the Insider Risk Team.

The desired candidate should have a minimum of five years' experience with Splunk, possess Splunk certifications, and have knowledge of XML.

Key development objectives are:

  • Development of a customized repository to house frequent queries utilized by the team.
  • The repository should maintain a drop-down selector related to specific use cases and corresponding queries.
  • The repository must be designed for ease of use so investigators can quickly select the appropriate use case and query.
  • Development of new use cases or queries.
  • Customization of existing or new queries/searches.
  • The creation of a Threat Hunting Dashboard with the ability to track investigator activity to prevent duplication of effort.
  • The normalization of proxy logs.
  • The developer must create documentation to support long-term maintenance needs (updates, modifications, break/fix).
  • The developer must be flexible, willing to accommodate changes and support any new objectives that are identified.
  • As with any project-based role, the developer must attend weekly meetings, develop a project roadmap, and be prepared to provide progress reports and time estimates for task completion.