Overview
On Site
Hybrid
BASED ON EXPERIENCE
Contract - Independent
Contract - W2
Contract - 11+ mo(s)
Skills
Information Security
Event Management
Network
Sensors
Firewall
Proxies
Servers
DLP
IDS
Intrusion Prevention
IPS
JIRA
ServiceNow
Reporting
System On A Chip
Cisco
Access Control
Management
Regulatory Compliance
Analytics
Orchestration
Capacity Management
Optimization
Unix
Microsoft Windows
Collaboration
Dashboard
Data Analysis
Visualization
Documentation
Log Management
SIEM
System Administration
Operating Systems
Regular Expression
Scripting
Application Development
Python
Perl
JavaScript
Linux
Shell Scripting
Amazon Web Services
Microsoft Azure
Cyber Security
Security Operations
Incident Management
Vulnerability Management
Migration
Splunk
Cloud Computing
Security Clearance
SANS
FOCUS
Professional Services
Genetics
Law
Job Details
Title: Splunk Engineer / Architect
Location: Raleigh, NC (HYBRID)
Duration: 12 - 18 Months
Compensation: $57.00 - $60.00
Work Requirements: or Authorized to work in US
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients' business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.
Splunk Engineer / Architect
Responsibilities:
- Administer the Splunk based log management system and analyze the current logging capabilities.
- Ensure the Agency Information Security systems administered by the Team are sending all required logs to the log management system.
- Ensure the Cisco Information Security systems administered by the Team are sending all required logs to the log management system.
- Maintain the Log Management and Security Information and Event Management (SIEM) system to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls (including but not limited to Layer 7 Application Firewalls), proxy servers, DLP, antivirus/endpoint protection software, vulnerability scanner elements, and other important systems.
- Tune the SIEM and IDS/Intrusion Prevention System (IPS) events to minimize false positives.
- Generate vulnerability tickets in Jira and ServiceNow for vulnerability remediation.
- Tune the capabilities as practicable to improve efficiency and ensure that reporting capabilities of the log management system are working properly.
- Validate that Cisco-GTTS log retention requirements are configured properly within the Cisco-GTTS log management system.
- Identify shortfalls in the current capability and identify systems that are not sending logs to the Cisco-GTTS log management system.
- Work in conjunction with GTTS-SOC to develop required dashboards and Splunk Playbook.
- Recommend improvements to current processes.
- Provide technical guidance to administrators of other IT systems to ensure their logs are sent to the Cisco-GTTS's log management system.
- Configure Cisco-GTTS's log management system role-based access controls so that logs for specific systems can only be accessed by designated administrators.
- Integrate Qmulos within Splunk log and manage compliance within Qmulos.
- Configure Splunk User Behavior Analytics working with the Security team.
- Working with the security team, develop Security Orchestration, Automation and Response (SOAR) strategies.
Qualifications:
- 7 years of experience with Splunk
- Minimum 10 years of relevant experience
- Must have Splunk Architect Certification
- Experience in architecture, design, support, maintenance, and expansion of an enterprise log management/SIEM infrastructure in a highly resilient configuration
- Experience in monitoring an enterprise log management/SIEM server and agent infrastructure for capacity planning and system optimization
- Experience in deployment, configuration, and maintenance of log forwarder agents across a variety of UNIX and Windows platforms
- USA Citizen
- Experience in collaboration with a variety of IT stakeholders in design and maintenance of production-quality log management/SIEM reports and dashboards to support data analysis and visualization
- Experience in creation and maintenance of documentation related to log management/SIEM infrastructure configuration and operational processes
- Advanced system administration skills with Linux operating systems
- Knowledge of regular expression, scripting, and application development languages (e.g., Python, Perl, JavaScript, Linux shell scripting)
- Understanding of security best practices
- Experience with cloud platforms (e.g., AWS, Azure) and Splunk Cloud
- Knowledge of cybersecurity principles and experience in security operations
- Experience with security incident response and vulnerability management
- Experience migrating from on-premises Splunk to Splunk Cloud
- TS clearance (optional)
Benefits:
- Comprehensive medical benefits
- Competitive pay
- 401(k) retirement plan
- and much more!
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.