Job title: Senior SIEM Administrator (Splunk Preferred)

Company: Vs-Staffing

Job description:

**Job Title: Senior SIEM Administrator (Splunk Preferred)**

**Overview**: Join an exciting opportunity with a leading energy and power client, a prominent utility company with an extensive footprint and strong industry presence. This is a full-time, long-term contract position, offering potential growth opportunities.

**Required Experience and Qualifications**:

- Minimum 5 years of experience in cyber security roles (infrastructure support, information security, IT, consulting, etc.)
- Proven expertise in administering Splunk in a distributed/clustered environment, including installations, configuration, monitoring system performance and availability, upgrades, and troubleshooting (2+ years)
- Proficient in writing Splunk queries, with knowledge of regular expressions (2+ years)
- Strong command of Linux, including experience with Linux scripting languages (Bash or Python); the ability to automate Linux tasks is a plus.
- Preferred certifications: GSEC, CISSP, GCIA, GCFA, GCFE, GREM, CEH, OSCP

**Position Responsibilities**:

- Provide administration support for a distributed/clustered Splunk environment, encompassing search heads, indexers, deployment servers, and heavy and universal forwarders, with a focus on security, performance, and operational roles.
- Onboard new data sources into Splunk in response to requests.
- Develop and customize dashboards to highlight key trends in data.
- Contribute to the health, performance, stabilization, and tuning of all logging infrastructure.
- Support definition, monitoring, and reporting of effectiveness metrics, implementing continuous improvement measures.
- Devise creative solutions meeting business needs while ensuring adherence to security controls and best practices.
- Prepare and document standard operating procedures and protocols.
- Conduct security testing, health checks, and audits to identify gaps and address weaknesses.

**Technical Summary**:

- Essential skills: Splunk, Cyber Security, Splunk Dashboards

Location: San José

Job date: Tue, 27 Feb 2024 23:46:03 GMT