Splunk Content Developer

Developer, Management, Perl, PowerShell, Python, Ruby, Scientific, Scripts, Security, Technical Writing, Testing
Full Time, Full Time
Telecommuting not available Travel not required

Job Description


Founded in 2001, Blue Canopy is an award-winning provider of business solutions in the public and commercial sectors. We're focused on delivering outcomes that matter by combining the best use of technology, process improvement, and the system of governance. Our Mission is to serve our clients and help them achieve success by combining governance, industry experience, and information technology excellence.

At Blue Canopy, innovation, collaboration, and teamwork are the driving force behind our success. We are committed to hiring, retaining, and developing best-in-class professionals because we recognize that our team is what differentiates us in the marketplace as an industry-leader. We are driven by excellence, committed to integrity, and inspired to achieve limitless possibilities.


Blue Canopy, LLC is looking for a Splunk Architect/SME experience to support our PRIME Federal Client in Arlington, VA.


Fast-growing premier cyber-security company is expanding its security, privacy, and incident response practices. Our teams provide full-scope IT Security services including: Strategic Planning, Continuous Controls Assessments, Penetration Testing, Engineering, Privacy, Internal Controls, Security Operations Center, and Incident Response. Our assessments follow well-defined and streamlined practices that use custom designed productivity enhancement tools designed to provide deep and broad situational risk awareness. Our pen-tests deliver the evidence that is often required to get the attention of senior management that compels them to take effective action to strengthen defenses. Our engineers deploy and configure cutting-edge enterprise tools (including: Splunk, Archer, Bit9, Invincea, Tripwire, McAfee, ArcSight and more) for discovering intrusions and eradicating advanced persistent threats. Our Privacy and Internal Controls auditors deliver the information required to manage institutional

risks to sensitive data and systems. Our SOC and CSIRT teams continuously develop and improve strategies to detect and validate active threats to the enterprise and respond to them rapidly and effectively. We are growing our teams of skilled security professionals with those who are interested in taking their careers to the next level in cyber-security by developing innovative solutions that advance the state-of-the-art and deliver meaningful risk reduction.



Role:  

* Provides strategic support of Splunk integration and deployment, configuration and maintenance

* Interpret and develop content for SIEM products to meet internal and external customer requirements

* Coordinate with other organizations (SOC/CSIRT, Operations, Management) and assist with advanced issue resolution across the enterprise

* Maintain the proper operation and performance of Splunk Forwarders, and clustered Indexers and Search Heads

* Develop filters to assist in the identification of significant events

* Provide recommendations and implement changes to optimize Splunk products in the customer environment

* Write and develop custom scripts, programs as needed



What you need to bring to the table:  

* Bachelor's Degree in Information Systems, Security, Engineering, or other related scientific or technical discipline.

* 8years overall IT experience

* 6+ experience with design, configuration, and support of Splunk 6.x, and/or other security technologies

* Certified Splunk Architect or Consultant

* Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, Ruby, PowerShell, Perl, etc.

* Experience with interpreting requirements and implementing Use-Cases

* Strong analytical and creative problem solving skills

* Technical writing of Installation/Deployment Procedures and requirements documentation

* Fluency in oral and written English language communication



Desired Qualifications:  

* Experience developing enterprise strategic implementation of Splunk deployments.

* Basic understanding of Information Security with relevant work experience and/or relevant education/certifications.

* Implementation/support of ArcSight and/or Splunk



Clearance:   US Citizen - Clearable for Public Trust.


As a full-time employee of Blue Canopy, you are eligible for an attractive benefits package, which includes medical, dental, life insurance, and short-term and long-term disability insurance. Our benefits also include paid holidays, Paid-Time-Off (PTO), a company-sponsored 401(k) plan, tuition reimbursement plan, and flexible spending accounts to allow you to pay for Health, Dependent care and Commuter costs with pre-tax income.


Blue Canopy, LLC is EOE/AA/M/F/Vet/Disability
Dice Id : 10113265
Position Id : 2410
Have a Job? Post it