Splunk Engineer-Core Certified Consultant (ES Accreditation Required)
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Splunk Engineer-Core Certified Consultant (ES Accreditation Required): Implement RBA strategies within Splunk ES to reduce alert noise and develop high-fidelity alerts with an accent on risk scores, dashboards, reports, and custom ML models. Focus on correlating disparate data sources, building automated workflows, and onboarding new data from Windows, Linux, AWS, and Azure for effective security analysis.
Location: 100% Remote (US-based company with US benefits)
Company
Veteran-owned small business delivering top-tier technology services, recognized as Best Places to Work and on Inc. 5000 list of fastest-growing companies.
What you will do
- Develop and implement RBA strategies in Splunk ES to reduce alert noise and focus on high-fidelity alerts.
- Build actionable alerts, workflow actions, risk incident rules, and risk scores.
- Design custom dashboards and reports to visualize risk scores and provide analyst context.
- Correlate disparate events and data sources to identify risky behavior patterns.
- Develop custom ML models to augment alerting and create automated workflows for efficiency.
- Onboard and enrich new data sources from OS, applications, and cloud services for RBA analysis.
Requirements
- Splunk Core Certified Consultant required; ES Accreditation required
- Deep expertise in Splunk administration, architecture, and SPL.
- Strong knowledge of security operations, threat detection, incident response, and frameworks like NIST RMF.
- Proficiency in scripting languages like Python, PowerShell, or Bash.
- Willingness to collaborate in an agile environment.
Nice to have
- Splunk Core Certified Power User, Enterprise Certified Admin, Architect, or ES certifications.
Culture & Benefits
- Competitive salary paid twice per month.
- Best-in-class medical coverage with 100% premiums covered by company.
- 3 weeks PTO + 11 paid holidays; paternity/maternity leave.
- 401k with 100% company match on first 4%.
- Monthly cell phone and home internet reimbursement.
- Investment in training and certifications; contribution incentives for white papers, blogs, webinars.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →
Похожие вакансии
Security Engineer (Data Centers)
Detection Engineer (Cybersecurity)
Cloud Security Engineer (AI)
Security Architect
Cybersecurity Incident Response Specialist