DatamanUSA is a rapidly growing full service technical consulting and talent management company headquartered in Centennial, CO. We provide expertise in ERP, Software Implementation, Business Process Optimization, Management Consulting, Project Management, Managed Services, and General IT Support for both commercial and government organizations.
Currently, we are looking for a qualified individual to work as Senior Cybersecurity SIEM Engineer for one of our direct state clients in Denver, CO.
Position details are below. If you are interested, you can contact us at firstname.lastname@example.org or call us at 720-213-4198.
Senior Cybersecurity SIEM Engineer, Roles and Responsibilities:
The role is primarily responsible for the daily care and feeding of Splunk and Splunk Enterprise Security within a medium-sized implementation. It requires advanced security understanding as well as hands-on experience managing installation nuances, onboarding data, data modeling, and writing custom Splunk Search language (SPL). This position is also responsible for developing threat-modeled use cases leveraging ES data models and notable events, assigning alert severity, and writing SOC IR runbooks for new notable events.
The following are the desired skills for this position:
- Strong security background with hands-on experience configuring and manipulating the following tools:
- Incident response best practices
- IDS/IPS, NIDS/NIPS, WIPS
- Anti-Virus / Anti-Malware
- Threat Intelligence / Information sharing groups
- Malware triage and Threat Actor attribution
- Custom scripting in Python, Perl, PowerShell or Ruby
- Windows endpoints and MS security events
- Robust understanding of Splunk Search query language (SPL)
- Ability to manipulate data models and data being fed into data models
- Ability to manage and create custom tagging, event typing and field extractions on an as-needed basis
- Advanced understanding of Splunk Search performance optimization and cron scheduling
- Understanding of regex and manual field extraction best practices
- Proven understanding of Splunk Architecture and best practices according to Splunk and business needs
- Demonstrated ability to configure Splunk dashboards and reports based on the needs of the business
- Adept project management skills
- Experience and exposure to the kill chain / MITRE ATT&CK framework
- Ability to juggle multiple requests at the same time and prioritize risk vs. requirements
- Ability to onboard data into Splunk
- Proven experience working with many different data and log types.
- Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience.
- 4+ years of IT experience with a minimum of 2 years working with firewalls and other network security systems.
- Any relevant industry certifications such as Security+, CISSP, CCNA, SSCP, CEH, SANS (e.g. GSEC, GCIH, GCFW, GCIA), CISA, CISM, etc.
Thanks & Regards,
DatamanUSA, LLC | Email: email@example.com