Education and Experience Requirements
- At least seven (7) years of experience in an information technology related field.
- At least three (3) years of progressive experience in engineering, implementation, and support of security information and event management technologies.
- Bachelor’s degree from an accredited college or university with a major in Cyber Security Computer Science, Information Systems, Engineering or related scientific or technical discipline.
- At least ten (10) years of experience in an information technology related field in lieu of Bachelor’s degree.
Technical Skills Requirements
- Strong demonstrated experience with Splunk and Splunk Enterprise Security.
- Strong demonstrated experience with SIEM architecture, design, and implementation.
- Demonstrated experience with operational and security hardening configuration for SIEM solutions.
- Demonstrated experience with configuration management and change control for SIEM solutions.
- Demonstrated experience managing and troubleshooting SIEM systems in Windows and various Linux distributions.
- Scripting experience with one or more of the following languages: PowerShell, Bash, Shell, and/or Python
- CompTIA Security+ certification
- Splunk certifications, for example: Splunk Power User, Splunk Enterprise Admin, Splunk Enterprise Architect, and Splunk Enterprise Security Admin
- Splunk Certified Core Consultant certification
- Experience with cloud environments such as AWS, Azure, and/P, and cloud security architecture.
- Experience with other SIEM programs such as ELK and Azure Sentinel.
- Experience in project task technical analysis, planning, and estimation.
- Experience with technology capabilities market research, technical analysis/review, and recommendation.