Security Consultant – IV @ Verizon

Job Information

Job Description:

You’ll need to have:

  • A bachelor’s degree with three or more years of relevant SIEM work experience.
  • Four or more years of relevant work experience in IT Security.
  • Experience in the deployment of Splunk components in both project and BAU lifecycle stages of delivery
  • Experience with automation, capacity planning, performance optimization, benchmarking, configuration management and continuous monitoring and delivery (may include experience using Vagrant, Puppet, Chef and Ansible)
  • Experience in supporting and maintaining a complex multi-cluster Splunk environment used to monitor infrastructure deployed across cloud and on-premises data centers
  • Ability to perform complete Splunk environment installs
  • Experience in Linux and networking is required.
  • Understanding of enterprise systems administration (Linux preferred) and/or enterprise networking. Knowledge of protocols like TCP/IP, DNS, HTTP, and SMTP.
  • Translate cyber security risks to SIEM use cases, using relevant data to increase the effectiveness of threat detection, response and recovery
  • Champion SIEM automation, orchestration and data infusion utilizing security incidents, vulnerabilities, threat intelligence and other relevant sources
  • Devise health check strategies for the components of Splunk and log source ingestion, so that the SOC can perform these checks on a schedule
  • An excellent understanding of log ingestion and data normalization on the Splunk platform
  • Problem-solving and communication skills
  • One or more of the current Splunk certifications listed below:
    • Splunk Architect or Architect II (preferred)
    • Splunk Certified Administrator
    • Splunk Certified Sales Engineer or higher

 

Even better if you have one or more of the following:

  • Possess a very high level of familiarity with the data architecture at the Forwarding, Indexing, and Search layers in the Customer environment – which event data is ingested from where, how does it get to where it is stored, and which fields are extracted from it at search time.
  • Have expertise on configuration management used by the Splunk admin team, and, where possible, contribute to configuration changes.
  • The ability to identify when a Splunk Event type is not ingested correctly from a Cyber Security Use Case perspective and how to fix the issue (e.g. UF, HF, TA, etc).
  • Can validate that a log has been ingested correctly within Splunk and can be used by the aSOC when referring to current and future Cyber Security Use Cases.

Benefits:
Experience Level: Mid-Senior
Work From: Onsite
