Please note that this is a 9 month contract position.
Description: Splunk Content Developer responsible for tuning and configuration of Splunk for Enterprise Security (ES) services, develop use cases with CISO end users to build content and assist in developing advanced security use cases. Note: Resources must be onsite in Morrisville/Raleigh, NC. No remote work. Requirements: • Configure incident response and remediation workflows for ES • Develop and Implement Actionable Alerts and Workflow for Splunk as a CISO Monitoring tool • Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models • Work with the Splunk Architect/Admin to promote private KO to Global KO • Assist and/or train CISO Splunk Engineering team on Data Lifecycle Support • Assist and/or train CISO Engineering team and analysts on Content Development • Develop and implement automation and efficiencies with Splunk and CISO workflow • Provide Analyst training and workshops on using Splunk • Review new content, alerts and data sources with CISO Analysts. Certifications: • Certified Splunk Architect • CISSP, Security +, or related information security Certification. Qualifications • The enforced dress code is business casual, i.e. collared shirt with slacks for men, no skirts above the knee for women. Place and Period of Performance: • Hours of support: o The standard work week for contract staff will be 5 days a week and 8 hours per day preferable o Contract staff may be required to travel to support business efforts. • Location: Morrisville/Raleigh, NC
Candidates need Public Trust Clearance
Please reference job number 2057.
San Francisco, CAContact