Senior Cybersecurity SIEM Engineer

Splunk and Splunk Enterprise Security, Splunk Architecture, EDR, Firewalls, IDS/IPS, NIDS/NIPS/WIPS, Threat Intelligence, SIEM, MS-ATA
Contract Corp-To-Corp, Contract Independent, Contract W2, Multi Years Position
Competitive
Work from home not available
Travel not required

Job Description

DatamanUSA is a rapidly growing full-service technical consulting and talent management company headquartered in Centennial, CO. We provide expertise in ERP, Software Implementation, Business Process Optimization, Management Consulting, Project Management, Managed Services, and General IT Support for both commercial and government organizations.

Currently, we are looking for a qualified individual to work as a Senior Cybersecurity SIEM Engineer for one of our direct state clients in Denver, CO.

Position details are below. If you are interested, you can contact us at pulkitk@datamanusa.com and call us at 720-213-4198.

Senior Cybersecurity SIEM Engineer, Roles and Responsibilities:

The role is primarily responsible for the daily care and feeding of Splunk and Splunk Enterprise Security within a medium-sized implementation. It calls for advanced security understanding as well as hands-on experience managing installation nuances, onboarding data, data modeling, and writing custom Splunk search language queries. This position is also responsible for developing threat-modeled use cases leveraging ES data models and notable events, assigning alert severity, and writing SOC IR runbooks for new notable events.

Required Skills:

The following are the desired skills for this position:

  • Strong security background with hands-on experience in configuring and manipulating the following tools:
    • Incident response best practices
    • EDR
    • Firewalls
    • IDS/IPS, NIDS/NIPS/WIPS
    • Anti-Virus / Anti-Malware
    • Threat Intelligence / Information sharing groups
    • SIEM
    • MS-ATA
    • Malware triage and Threat Actor attribution
    • Custom scripting in Python, Perl, PowerShell or Ruby
    • Windows Endpoints and MS security Events
  • Robust understanding of Splunk Search query language (SPL)
  • Ability to manipulate data models and data being fed into data models
  • Ability to manage and create custom tagging, event typing and field extractions on an as-needed basis
  • Advanced understanding of Splunk Search performance optimization and CRON scheduling
  • Understanding of regex and manual field extraction best practices
  • Proven understanding of Splunk Architecture and best practices according to Splunk and business needs
  • Demonstrated ability to configure Splunk dashboards and reports based on the needs of the business
  • Adept project management skills
  • Experience with and exposure to the kill chain / MITRE ATT&CK framework
  • Ability to juggle multiple requests at the same time and prioritize risk vs. requirements
  • Ability to onboard data into Splunk
  • Proven experience working with many different data and log types

Desired Qualifications:

  • Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical training, or work experience.

Experience:

  • 4+ years of IT experience with a minimum of 2 years working with firewalls and other network security systems.

Certification:

  • Any relevant industry certifications such as Security+, CISSP, CCNA, SSCP, CEH, SANS (e.g. GSEC, GCIH, GCFW, GCIA), CISA, CISM, etc.

Thanks & Regards,

DatamanUSA, LLC | Email: pulkitk@datamanusa.com

Website: www.datamanusa.com

Dice Id : 10109429
Position Id : AN_004