Cyber Security Operations Engineer – Splunk
We are looking for a Cyber Security Operations Enablement Engineer (Contractor) to help support critical functions of our Cyber Security Operations Center (CSOC). This role is expected to develop and maintain an expert-level understanding of all facets of daily operations including processing & technology, while developing & on-boarding new SIEM content & tuning detection technologies.
- Conduct continual analysis of the complete CSOC security toolset, gaining an expert-level understanding of all features along with how they may be most effectively utilized.
- Perform tuning & optimization of security tools & SIEM rules, partnering with other stakeholders within CCS and Comcast technologies groups as required.
- Build working relationships with product owners to enable early awareness of new features pipelines. Evaluate all new features for inclusion into CSOC operations.
- Identify opportunities for automation and run associated development efforts.
- Validate completed use cases for SIEM rules and test that rules have been properly implemented.
- At least 5+ years of related experience.
- Proven hands-on experience building & managing Splunk use cases & content driven from customer requirements.
- Solid technical understanding of common log formats & source designs, along with subject matter specific expertise in Splunk & Splunk Enterprise Security.
- Experienced configuring, tuning, and evaluating efficacy of key security tools including but not limited to firewalls, VPN, proxies, endpoint protection, DLP, CASB, SIEM, anti-malware, forensics.
- Familiarity with scripting languages such as Bash, Python, and/or PowerShell.
- Experience with major automation technologies such as Ansible, Puppet, and/or Chef.
- Demonstrated experience with Microsoft Windows and Unix Operating Systems including command-line tasks and scripting.
- Expertise in conducting security assessments & configuration of major public & private cloud services.
- Understanding of the MITRE ATT&CK framework along with experience applying it across various security processes.
- Advanced knowledge of computer network concepts and protocols along with experience conducting network traffic & packet-level analysis.
- Work will be primarily remote with occasional on-site work in Moorestown, NJ.
Leading Path is an award-winning Information Technology and Management Consulting firm focused on providing solutions in process, technology, and operations to our government and Fortune 500 clients. We offer a professional and work environment with a strong work-life balance. Leading Path provides a comprehensive and competitive benefits package, 401K, tuition reimbursement and opportunities for professional growth and advancement.