NikSoft

Splunk Service Engineer (Integration & Ingestion)

US-NC-Morrisville
1 month ago(11/3/2017 3:09 PM)
ID
2017-1274
# of Openings
1
Category
Information Technology

Overview

NikSoft Systems Corporation is a recognized Information Technology solutions provider. Founded in 1998 and based in Reston, Virginia, NikSoft is a CMMI Level 3 Certified company with an established reputation for excellence and on-time delivery with a consistently high customer satisfaction rating from its Federal Government and private consulting contracts.

Responsibilities

Seeking a professional and experienced SIEM Engineer that is specialized in Splunk Integration & Ingestion to join our on-site client-facing team. The successful candidate will provide consulting, training and hands-on-keyboard services for Splunk data integration, content development and user enablement for the Corporate Information Security Office (CISO) organization.

  • Tune and configure Splunk App for Enterprise Security (ES)
  • Work with CISO Operations and Engineering to gather requirements for building content and use cases in Splunk.
  • Assist in development of advanced security use cases in Splunk
  • Handle User Enablement to include assist and/or train CISO Splunk team on data lifecycle support, assist and/or train CISO team and analysts on Content Development, develop and implement automation and efficiencies with Splunk and CISO workflows, provide analyst training and workshops on using Splunk, and introduce new content, alerts and data sources to CISO Analysts.
  • Develop Data Lifecycles

1.  Data Discovery with Application Owners/End Users to determine data source structure and        onboarding design.

2.  Data Parsing (Dev) at Index Time (Host, Source, Sourcetype, Line breaks, Timestamps)
3.  Data Normalization (Dev) including CIM compliance. Preparing data to be ready for search, data      models and content development
4.  Data Validation (Dev) work with Application owner and end user to validate data normalization
5.  Data Onboarding (Prod) work with Splunk Admins to onboard Data from Dev to Prod

Qualifications

  • Extensive experience (5+ years) in information security operations and/or related IT operational functions.
  • Must possess a minimum of a Bachelor’s Degree in Computer Science, Information Technology or Information Security.
  • Certification in one or more of; CompTIA Net+, CompTIA A+, or CompTIA Security +.
  • Demonstrable expert knowledge of Splunk Best Practices, Operation Plans, Workflows and Processes.
  • Overall experience with Security Operation tools inclusive of products from RedSeal, Tenable, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, Tanium.
  • US Citizenship status and Active DoD Secret Clearance (preferred), must successfully complete the government's security process (required).

 

BENEFITS:

 

NikSoft’s competitive benefits program includes comprehensive medical and dental care, matching 401K, paid time off, flexible spending accounts, disability coverage, and other benefits that help provide financial protection for you and your family.

 

 

NikSoft Systems Corp is fully committed to the concept and practice of equal opportunity and affirmative action in all aspects of employment.  NikSoft is an EOE M/F/Disability/Veteran employer. For more information about our other openings, please visit www.niksoft.com.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed