Splunk SIEM Security Engineer/Architect

AI overview

Support and optimize Splunk environments while managing correlation searches, data onboarding, and implementing security policies for enhanced information security monitoring.

Exciting Splunk SIEM Security Engineer/Architect contract opportunity.

Requirements

3 plus years of experience in Spunk (SIEM) Security Enterprise: architecting, configuring, deploying, and customizing the tool, preferably both in supporting the application and utilizing the application for information security monitoring, incident response, and compliance
Onboard new data sources to the Splunk environment as required by the customer Cybersecurity Team for monitoring by the client SOC
Configuration of Correlation Searches, Dashboard Searches, Risk Modifiers, Threat Intelligence Feeds, Workflow Actions and Enterprise Security content
Validate and Manage all Splunk forwarders reporting into the Splunk environment
Manage and optimize the Splunk environment, Enterprise Security Module and Phantom Module.
Implement new Correlation Rules (Correlation Searches) in the Splunk environment Enterprise Security Module
Ability to perform security analysis, development and implementation of security policies, standards, and guidelines
Perform ongoing development for additional use case and SIEM tuning.
Experience with implementation of Log Management and Analytics products - Splunk