TECHEAD is celebrating over thirty-five years of incredible heritage, talent, and accomplishments! To learn more about TECHEAD, visit us at TECHEAD.com or on Glassdoor.
Sr. Splunk SIEM Engineer
6 Month Contract-to-Hire
HYBRID - (3 Days in office)
Local Candidates Only!!!
Richmond, VA
TECHEAD's customer based in Richmond, VA is seeking a skilled Sr. Splunk SIEM Engineer.
Key Responsibilities:
- Development, deployment, or administration of Splunk.
- Onboard critical data sources for Splunk ES: ingest critical data sources/logs from the enterprise into the Security Information and Event Management (SIEM) tool to support the Splunk Enterprise Security (ES) implementation.
- Normalize log data to the Common Information Model (CIM) as required by Splunk ES to meet the provided security use cases (Rules/Alerts).
- Create viewable Splunk dashboards to provide visibility into ingested log data.
- Create alerts that trigger on configured settings and send a note, email, or attachments to a particular destination email address or group.
- Create security rules (alerts) that trigger on anomalous activities or threat detections.
- Splunk Support - Assist customers with log ingestion that is not working properly or with communication issues with Splunk.
- Resolve Splunk infrastructure or system issues.
- Check virtual server availability, functionality, integrity, and efficiency.
- Monitor and maintain virtual server configuration.
- Diagnose failed servers or connectivity problems.
Required Skills:
- Experience working with cloud services such as AWS, Azure and M365 and cloud access security brokers.
- Experience in the use of network monitoring tools with a strong understanding of network protocols.
- Ability to perform security analysis, development and implementation of security policies, standards, and guidelines.
- Ability to quickly explore, examine and understand complex security problems and how they affect a customer’s business.
- Experience with both the Linux and Windows operating systems.
- Experience with SOAR and Firewall platforms from Palo Alto Networks.
Education and Experience:
- Completed Bachelor’s degree from an accredited university is required, preferably in an IT related field.
- Minimum of 5 to 7 years of experience related to the qualifications above, including work with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Palo, Arista, ISE, FireEye, Gigamon).
TECHEAD's mission is to make our on-site associates successful by placing them in the right environment so they can grow and prosper. How we treat and respond to our clients and employees is a reflection of who we are and makes us stand out from the rest. Keeping our business focused on building and maintaining relationships with our employees and clients is the key to our success. We won't strive for anything less.
TECHEAD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
For more information on TECHEAD please visit www.techead.com.
No second parties will be accepted.