Security Engineer - Splunk

Computer Enterprises, Inc.
Full Time
$95,000 - $120,000

Job Description

Job Summary

The Sr. Security Engineer, a role residing within the Cybersecurity Organization, will be responsible for developing threat detection content for the Enterprise environment. The engineer should have a deep technical understanding of application, host, cloud, and network security tools and techniques. Must be familiar with Splunk data administration, Splunk Enterprise Security, security industry standards and best practices, and must be able to work effectively with engineering and operational counterparts. The position is highly collaborative across a variety of teams, both technical and non-technical, and will require a strong ability to build effective, productive relationships in order to succeed.


Core Responsibilities

  • Data onboarding and extractions, Data Model development, and CIM compliance of key sources
  • Analyze organizational analytics and threat detection needs to refine requirements and development needs
  • Develop complex queries, correlations, alerts, reports and dashboards within the Splunk platform
  • Perform continuous tuning of threat detection capabilities to drive higher efficacy in alert output
  • Develop or tune Splunk apps and add-ons using Simple XML dashboard visualizations, field extractions, Splunk props and transforms configurations, or Python (when necessary)
  • Manage and expand the MITRE ATT&CK framework mapping to identify coverage gaps and threat detection needs
  • Create technical use case documentation related to developed content (threat detection use cases, dashboards, or reports)
  • Collaborate with Cybersecurity counterparts and/or business units to identify and document development requirements
  • Communicate the status of work in progress and key initiatives, and provide walkthroughs of complex designs and architecture

Required Qualifications

  • 5+ years of Splunk Developer or Splunk Enterprise Security (ES) experience
  • Splunk expertise with strong information security experience
  • A sophisticated understanding of the Splunk Search Processing Language (SPL) and working knowledge of regular expressions to effectively extract key tokens of data into meaningful fields
  • Experience with Splunk Apps and familiar with Splunk architecture and best practices
  • Knowledge of networking tools such as NetFlow, packet capture, IDS/IPS, Bro/Zeek, and other security-related tools
  • Superior communication skills with an ability to develop a strong rapport across a variety of technical and non-technical teams
  • Proven ability to excel both in a team and as an individual in a dynamic environment while still meeting deadlines


Company Information

As a trusted technology partner, CEI delivers solutions that help our customers transform their business and achieve meaningful results. From strategy and custom application development through application management, our technology and digital experience services are tailored to meet each unique need of our customers. Our staffing solutions bring specialized skills to complement our customers' workforce and project requirements. For more information, visit us at www.ceiamerica.com.
Dice Id : ceiam
Position Id : CE8937
Originally Posted : 3 weeks ago
