Senior Splunk Admin/Architect - Security

Overview

Remote
Depends on Experience
Contract - W2
Contract - 5 Month(s)
No Travel Required

Skills

Cyber Security
System Architectures
SIEM
SOAR
Splunk
Splunk Enterprise
Splunk Cloud
Splunk SPL (Search Processing Language)
AWS
Azure
GCP
Python
Networking

Job Details

Position: Senior Splunk Admin/Architect - Security

Location: Silver Spring, MD (Remote)

Duration: 5 Months

 

The Job:
Security Engineering team empowers the Client Global Information and Content Security (GICS) teams by supporting the Security Engineering, Security Architecture, Threat Detection and Response, and other Security teams/functions through the deployment, management, and maintenance of shared, reliable, and extensible security platforms/systems. The security engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. The ideal candidate will be responsible for the design, implementation, and management of Splunk infrastructure, ensuring high performance, availability, and scalability. This role will require deep technical expertise in Splunk as well as the ability to work collaboratively with other teams to integrate Splunk into various IT and security systems.

 

Primary Skills: Splunk, Security Management Systems and Cyber Security

 

Daily Responsibilities:

As security engineer, ideal candidate is expected to:
Plan, design, engineer and implement security-related technologies.
Identify and communicate opportunities to enhance the security posture of Client.
Build and / or manage enterprise security platforms effectively (mainly Splunk and SOAR).
Communicate effectively across all levels of management to articulate Client security goals and vision.
Build and / or manage enterprise security platforms effectively.

Splunk Focused Responsibilities: Design and Architecture: Lead the design, deployment, and maintenance of Splunk infrastructure across multiple environments Develop and implement best practices for scaling and optimizing Splunk deployments. Architect complex Splunk solutions tailored to the organization s needs, ensuring data integrity and optimal performance.

Data Ingestion and Management: Integrate and ingest data from various sources (applications, network devices, security tools) into Splunk, ensuring data normalization and enrichment. Create and manage data models, field extractions, lookups, and accelerations.

Dashboard and Alerting: Design, develop, and maintain custom dashboards, reports, and alerts for different stakeholders (IT, Security, Compliance). Implement real-time monitoring and alerting solutions to detect and respond to critical incidents.

Security and Compliance: Work closely with the Security Operations Center (SOC) to support security monitoring, threat detection, and incident response efforts. Ensure Splunk deployments meet compliance requirements and are aligned with industry standards (e.g., PCI, HIPAA, GDPR).

Collaboration and Support: Collaborate with cross-functional teams (developers, network engineers, security analysts) to ensure seamless integration of Splunk with other systems. Provide mentoring and training to junior Splunk engineers and other IT staff. Troubleshoot and resolve complex Splunk-related issues, ensuring minimal downtime and service disruption.

Automation and Scripting: Develop scripts and automation tools to streamline Splunk administration, data ingestion, and reporting tasks. Utilize Splunk s REST API for advanced integrations and custom solutions.

Documentation and Reporting: Maintain detailed documentation of Splunk architecture, configurations, processes, and procedures. Generate periodic reports on Splunk performance, usage, and incidents for management review.

 

Required Skills:
A minimum of 5+ years of hands-on experience in building, designing, and maintaining enterprise security tools such as SIEM and SOAR.
Minimum of 5 years of experience working with Splunk in a large-scale environment.
Proven experience in designing and managing Splunk Enterprise, and Splunk Cloud
5+ years of successfully implementing advanced cyber security technology in a complex environment
Bachelor's degree in computer science, engineering, or other related discipline or 5+ years of previous technical security experience
Strong knowledge of Splunk SPL (Search Processing Language) and regular expressions
Experience with cloud platforms (AWS, Azure, Google Cloud Platform) and their integration with Splunk.
Hands on technical experience with networking and computing system architectures, specifically, the security aspects thereof.
Hands on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews.
Must have 5+ scripting experience (using Python or other equivalent languages).

 

Nice-to-Haves:
Security and Cloud certifications are a plus. (CISSP, etc.)
Splunk Advance certification (Splunk Cloud Certified Admin, Enterprise Certified Admin, Enterprise Certified Architect, etc.) is a plus.
MXDR experience
QR experience

 

 

Posted By:
Loginsoft Consulting LLC
Chantilly, VA
Email: jobs (at) loginsoft (dot) com
Phone:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.