Splunk Engineer – Core Certified Consultant, ES Accreditation Required

🕒 Abril 1

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

True Zero Technologies, LLC

SiteLinkedInTodas as Vagas

11 - 50 funcionários

🔒 Cibersegurança

🏢 Corporativo

☁️ SaaS

Cybersecurity • Enterprise • SaaS

A True Zero Technologies, LLC é uma empresa de propriedade de veteranos, especializada em soluções de cibersegurança. A empresa oferece uma gama de serviços, incluindo engenharia e arquitetura de segurança, adoção de tecnologias emergentes, operações cibernéticas, inteligência de ameaças cibernéticas, testes de penetração e garantia de informação. A True Zero também é reconhecida por seus serviços gerenciados e capacidades de segurança em nuvem. A empresa faz parcerias com líderes tecnológicos como Tanium, Splunk, Cribl e Zscaler para fornecer soluções de alto impacto e alto valor, que ajudam as organizações a inovar enquanto aprimoram seus programas de segurança e operacionais. A True Zero está comprometida em capacitar organizações com insights acionáveis para proteger seus ambientes de TI de forma eficaz.

Descrição

• Implement RBA:** Develop and implement RBA strategies within Splunk ES to reduce alert noise and focus on high-fidelity alerts. • Develop RBA components:** Build and implement actionable alerts, workflow actions, risk incident rules, and risk scores. • Create dashboards and reports: Design custom dashboards to visualize risk scores and provide context for analysts. • Correlate data: Use Splunk's capabilities to correlate disparate events to identify patterns of risky behavior. • Build custom solutions:** Develop custom machine learning (ML) models to augment alerting and create automated workflows to improve efficiency. • Content Development: Develop advanced security content, including dashboards, reports, and alerts, to highlight risk details, health analysis, and risk suppression specific to RBA environments. • Data: Collaborate with application and system owners to onboard new data sources (e.g., from Windows, Linux, cloud services like AWS/Azure) and ensure proper parsing and enrichment for effective analysis within RBA. • Correlate various data sources, such as logs from operating systems, applications, and cloud providers, into Splunk to feed RBA models.

🎯 Requisitos

• Core Certified Consultant is a requirement • Deep technical expertise in Splunk administration, architecture, and Search Processing Language (SPL). • Strong understanding of security operations, threat detection, incident response, and security frameworks (e.g., NIST RMF). • Preferred relevant Splunk certifications are a plus such as: • Splunk Core Certified Power User • Splunk Enterprise Certified Admin • Splunk Enterprise Certified Architect • Splunk ES • Proficiency in scripting languages like Python, PowerShell, or Bash for automation and data analysis. • Willingness to collaborate within an agile environment

🏖️ Benefícios

• Competitive salary, paid twice per month • Best in class medical coverage • 100% of medical premiums covered by True Zero • Company wide new business incentive programs • Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.) • 3 weeks of PTO starting + 11 Paid Holidays Annually • 401k Program with 100% company match on the first 4% • Monthly reimbursement of Cell Phone and Home Internet costs • Paternity/Maternity Leave • Investment in training and certifications to broaden and deepen your technical skills