Milestone Technologies - Garland, TX

posted 3 days ago

Full-time - Mid Level
Garland, TX
Professional, Scientific, and Technical Services

About the position

The Senior Splunk Engineer (SIEM) is responsible for administering, monitoring, and maintaining security infrastructure, including application and container security tools, security orchestration solutions, and security information and event management (SIEM). This role plays a crucial part in the information security team, ensuring adherence to security best practices and the maintenance of tools and processes that support a secure platform. The ideal candidate will have a blend of security and systems engineering expertise, along with strong communication skills to effectively convey security policies to the business.

Responsibilities

  • Build and maintain complex technical infrastructure that supports a secure platform protecting data at rest and in transit.
  • Work closely with Enterprise and business owners to identify endpoint coverage scope and apply strong analytical skills related to operating systems and security toolsets.
  • Provide technical guidance on industry tools and best practices in endpoint security.
  • Monitor and maintain security tools that enforce security policies and capabilities.
  • Provide expertise in managing enterprise security systems, focusing on minimally impactful implementations of security tools and features.
  • Improve efficiencies using automation and orchestration solutions to reduce manual work.
  • Administer system infrastructure hosted within public/private/hybrid environments.
  • Stay current with new security trends and continuously assess systems for appropriate configurations to defend the business.
  • Deploy and correlate threat intelligence and vulnerability management solutions.
  • Manage day-to-day security operations including onboarding/offboarding of security endpoint agents, user access management, and ensuring system availability.

Requirements

  • Splunk Admin Certified
  • Extensive experience with Cloud infrastructure (AWS preferred) including EC2, ECS, Route53, SNS, Lambda, CloudWatch, Secrets Manager, RDS.
  • Experience with configuration management tools such as Ansible or Chef and infrastructure as code tools like Terraform or CloudFormation.
  • Proficiency in scripting languages such as Python or Go.
  • Experience administering SIEM solutions in an enterprise environment, including log data ingestion configuration and customization.
  • Experience managing various security tools and technologies (SOAR, SIEM, etc.).
  • Experience configuring authentication and authorization concepts (RBAC, IAM).
  • Extensive experience in Splunk and related SIEM and SOAR technologies (Cribl, Demisto).
  • Experience integrating internal platforms with SaaS solutions such as Tenable and SentinelOne.
  • Experience building Docker containers.
  • Exceptional verbal and written communication skills.

Nice-to-haves

  • AWS certifications

Benefits

  • Comprehensive benefit options which vary depending on role, location, and employment type.