Splunk Engineer - Consultant Certified / ES Accreditation Required (R-00062) at True Zero Technologies

Annapolis, Maryland, United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Government

Requirements

  • Extensive prior Splunk Engineering and Administration experience
  • Splunk Consultant Certification
  • Heavy experience with Splunk Enterprise Security (ES)
  • Experience ingesting logs into Splunk via Cribl
  • RBAD Experience
  • US Background Check

Responsibilities

  • Implement data ingestion processes into Splunk (Data Onboarding)
  • Develop and implement Splunk content, including actionable alerts and workflows (as a SIEM tool), and apps & knowledge objects (dashboards, reports, data models)
  • Create and maintain reports and visualizations within Splunk
  • Work with the Splunk Architect/Admin to promote private knowledge objects to global knowledge objects
  • Assist and train CISO Splunk Engineering teams on searching and content development
  • Assist in the development and hosting of workshops for CISO teams and analysts
  • Develop and implement advanced security use cases in Splunk
  • Develop risk rules and risk incident rules to correlate and alert on significant cyber events
  • Develop custom dashboards specific to RBA (Risk Based Alerting)
  • Develop automation to improve efficiency of CISO workflows using Splunk
  • Develop custom machine learning (ML) models to support anomaly-detection in alerting
  • Work with numerous stakeholders to implement and maintain Splunk solutions

Skills

Key technologies and capabilities for this role

Splunk, Splunk Enterprise Security, Splunk Consultant, Cribl, RBAC, SIEM, Data Onboarding, Knowledge Objects, Dashboards, Reports, Visualizations, Alerts, Workflows

Questions & Answers

Common questions about this position

Is this position remote?

Yes, this is a fully remote position.

What is the salary for this Splunk Engineer role?

This information is not specified in the job description.

What skills and certifications are required for this position?

The role requires extensive Splunk engineering and administration experience, Splunk Consultant Certification, heavy experience with Splunk Enterprise Security (ES), experience with Cribl for log ingestion, and RBAC experience. A US background check is also required.

What is the company culture like at True Zero Technologies?

True Zero Technologies focuses on building a community of driven and passionate individuals and has been recognized as a 'Best Places to Work' in 2023 and one of Inc. Magazine’s Top 5000 Fastest Growing Companies in 2022.

What makes a strong candidate for this Splunk Engineer role?

Candidates with extensive prior Splunk engineering experience, Splunk Consultant Certification, heavy Splunk ES experience, Cribl and RBAC skills, and experience supporting federal customers will stand out.

True Zero Technologies

Cybersecurity services for IT environments

About True Zero Technologies

True Zero Technologies specializes in cybersecurity services and solutions, utilizing technologies such as Splunk, Tanium, and Cribl to provide actionable insights into IT environments for public and private sector organizations. The company's team delivers scalable solutions, shaping large operational and security programs.

Headquarters: 11325 Random Hills Rd #360, Fairfax, VA 22030, USA
Year Founded: 2016
Company Stage: VENTURE_UNKNOWN
Industries: Consulting
Employees: 11-50
