SIEM/Splunk Engineer

Role: SIEM/Splunk Engineer

Location: Remote

Duration: 6+ months

W2 Only.

Primary Responsibilities:

• Looking for someone with great Splunk Core experience. Example: Data onboarding, RegEx, building out applications and TAs for splunk, data parsing, etc.
• Building python scripts, dealing with regular expressions, onboarding side, etc.
• Experience with data source onboarding, troubleshooting or monitoring/building out dashboards.
• Assist in the implementation and configuration of SIEM platform, ensuring it meets security and compliance requirements.
• Must have experience engineering and implementing SIEM technologies such as splunk core, qradar, securonix, or sumo logic, Infrastructure.
• Lead the design the SIEM infrastructure, ensuring its effectiveness, scalability, and alignment with industry standards and regulatory requirements.
• Implement, configure, and optimize SIEM solutions to collect, correlate, and analyze security event data from various sources, such as network devices, servers, applications, and endpoints.
• Develop and maintain SIEM use cases, correlation rules, alerts, and reports to identify and prioritize security incidents and potential threats.
• Collaborate with other Cybersecurity and Security Engineering teams to investigate and resolve complex security incidents, conducting root cause analysis and recommending remediation actions.
• Stay up to date with the latest security threats, vulnerabilities, and industry trends, and proactively assess their potential impact on the SIEM infrastructure.
• Lead SIEM-related projects, including system upgrades, enhancements, and integration with other security tools and technologies.
• Provide guidance and mentorship to junior SIEM engineers, promoting knowledge sharing and skill development within the team.

EEO: Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.