Select Cyber seeks to fill a lead role for a talented Splunk Security Engineer to work for a major Oil and Gas Customer in Houston, TX. This analyst will focus on management of the Splunk data environment associated with identification of insider threat alerts. The ideal candidate will have a strong background in Splunk development as well as Information Security.
Responsibilities for the Splunk Security Engineer:
Provide high-level Splunk expertise with regard to design, implementation and overall use for the Insider Threat team to accelerate internal threat hunting and identification.
Design and implement data ingestion processes from new data sources into Splunk
Configure monitoring/log ingestion solutions, including reports, alerts, and/or dashboards.
Take responsibility for creation of Splunk configuration and usage policies to improve effectiveness within an enterprise environment
Review configurations and policies for overall effectiveness and consistency
Liaise with the appropriate teams responsible for company-wide Splunk management
Help the team research events using correlation of various data sources
Drive on-going operational improvements of the Splunk environment
Requirements
Bachelor's degree (Computer Science, Information Security) or equivalent combination of education and related work experience preferred.
Experience with Splunk Enterprise Security and/or Splunk User Behavior Analytics
Experience building Splunk dashboards/reports/alerts in a large enterprise environment
Ability to work on a small, expert team in a fast-paced environment.
Experience in prioritizing and responding to real-time security alerts.