Security Consultant – IV @ Verizon
Job Information
Job Description:
You’ll need to have:
- A bachelor’s degree with three or more years of relevant SIEM work experience.
- Four or more years of relevant work experience in IT Security.
- Experience in the deployment of Splunk components in both project and BAU lifecycle stages of delivery
- Experience with automation, capacity planning, performance optimization, benchmarking, configuration management and continuous monitoring and delivery (may include experience using Vagrant, Puppet, Chef and Ansible)
- Experience in supporting and maintaining a complex multi-cluster Splunk environment used to monitor infrastructure deployed across cloud and on-premise data centers
- Ability to perform complete Splunk environment installs
- Experience in Linux and networking is required.
- Understanding of enterprise systems administration (Linux preferred) and/or enterprise networking. Knowledge of protocols like TCP/IP, DNS, HTTP, and SMTP.
- Translate cyber security risks to SIEM use cases, using relevant data to increase the effectiveness of threat detection, response and recovery
- Champion SIEM automation, orchestration and data infusion utilizing security incidents, vulnerabilities, threat intelligence and other relevant sources
- Devise health check strategies on the components of Splunk and log source ingestion to enable SOC to perform these scheduled
- An excellent understanding of log ingestion and data normalization on the Splunk platform
- Problem-solving and communication skills
- One or more of the current Splunk certifications listed below:
  - Splunk Architect or Architect II (preferred)
  - Splunk Certified Administrator
  - Splunk Certified Sales Engineer or higher
Even better if you have one or more of the following:
- Possess a very high level of familiarity with the data architecture at the Forwarding, Indexing, and Search layers in the Customer environment – which event data is ingested from where, how it gets to where it is stored, and which fields are extracted from it at search time.
- Have expertise in the configuration management used by the Splunk admin team, and, where possible, contribute to configuration changes.
- The ability to identify when a Splunk Event type is not ingested correctly from a Cyber Security Use Case perspective and how to fix the issue (e.g. UF, HF, TA, etc).
- Can validate that a log has been ingested correctly within Splunk and can be used by the aSOC when referring to current and future Cyber Security Use Cases.
- Devise health check strategies on the components of Splunk and log source ingestion to enable SOC to perform these scheduled
Benefits:
Experience Level: Mid-Senior
Work From: Onsite