Splunk Architect

Posted 1 week ago by 1762331539

Negotiable
Outside
Remote
USA

Summary: The Splunk Architect role involves migrating from Securonix to Splunk Cloud, focusing on implementing Enterprise Security with static and dynamic rules. The position requires expertise in installing and customizing the Splunk Security framework, leading deployment, and operationalization efforts. The architect will also integrate sources, document processes, and build dashboards within an agile environment.

Key Responsibilities:

  • Must have 7-10 years of SIEM experience with products like Splunk.
  • Architect and migrate from Securonix to Splunk Cloud, including the Log Management and Data Analytical Platform, in line with client deliverables, inclusive of:
  • Create and maintain standard operating procedures, detections, parsers, technical documents, and troubleshooting guidelines for security solutions.
  • Monitor and tune managed technologies to optimize system performance.
  • Configure and troubleshoot managed security devices.
  • Provide assistance with customer requests such as log source configuration, app installation, data parsing, and use case development, and troubleshoot complex issues for managed technologies.
  • Responsible for patching and updating managed technologies.
  • Execute highly technical changes, change windows, and client requests by following the standard change management process.
  • Must have previous experience providing Tier-III level technical support for SIEM, Log Management Platform, and Data Analytical tools during business and non-business hours.
  • Previous experience conducting system health checks on managed technologies and providing recommendations on performance improvements is a huge plus.
  • Must have previous experience in security operations, incident management, or a command center environment, including:
  • The following security certifications are recommended: CISSP, CISM, GSEC, GIAC, GPEN.
  • Must be able to interface effectively with all levels of the organization.
  • Must have excellent interpersonal skills and be a strong and effective communicator.

Key Skills:

  • 7-10 years of experience with SIEM products, specifically Splunk.
  • Expertise in migrating from Securonix to Splunk Cloud.
  • Proficient in creating detections, writing parsers, and developing technical documentation.
  • Experience in monitoring and tuning managed technologies.
  • Ability to configure and troubleshoot managed security devices.
  • Experience in providing Tier-III technical support.
  • Knowledge of security operations and incident management.
  • Recommended security certifications: CISSP, CISM, GSEC, GIAC, GPEN.
  • Strong interpersonal and communication skills.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:
Splunk Architect
Location: REMOTE

Overview:
The client needs a collaborative Splunk Architect who can migrate from Securonix to Splunk Cloud. Enterprise Security is part of the implementation; the customer wants to implement the static and dynamic rules associated with it, including those around UEBA and any other risk behavior modules. The architect should be proficient in installing and customizing the Splunk Security framework, and should have a solid understanding of it, since they will lead the Splunk Enterprise Security deployment and operationalization. The SME will be charged with integrating sources, documentation, and building dashboards within an agile environment.