Splunk Engineer - Consultant Certified / ES Accreditation Required (R-00064) at True Zero Technologies

Herndon, Virginia, United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Government, Cybersecurity

Requirements

  • Prior Splunk engineering and administration experience
  • Splunk Consultant Certification (necessary prerequisites must be met)
  • Significant experience with Splunk Enterprise Security (ES)
  • Experience ingesting logs into Splunk via Cribl
  • Experience with RBAD
  • US Background Check
  • Ability to work well in a team environment

Responsibilities

  • Data on-boarding into Splunk instances
  • Develop Splunk content, including actionable alerts and workflow for Splunk as a SIEM tool
  • Develop Splunk content, including apps & knowledge objects (KO) like dashboards, reports, and data models
  • Develop and implement reports and visualizations
  • Collaborate with the Splunk Architect/Admin to promote private KOs to global KOs
  • Assist, train, and/or host workshops for CISO Splunk Engineering team on searching and content development
  • Develop and implement risk rules and risk incident rules to correlate and alert to significant cyber events
  • Develop custom automation to improve efficiency of CISO workflows using Splunk
  • Assist in the development of advanced security use cases in Splunk
  • Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
  • Work with numerous stakeholders to implement & maintain solutions
  • Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)

Skills

Key technologies and capabilities for this role

Splunk, Splunk ES, Splunk Enterprise Security, Cribl, RBAD, SIEM, Splunk Administration, Data Onboarding, Splunk Content Development, Actionable Alerts

Questions & Answers

Common questions about this position

Is this position remote?

Yes, this is a fully remote position.

What is the salary for this Splunk Engineer role?

This information is not specified in the job description.

What skills and certifications are required for this position?

Required skills include prior Splunk engineering and administration experience, Splunk Consultant Certification, heavy Splunk ES experience, Cribl experience for ingesting logs into Splunk, and RBAD experience. A US background check is also required.

What is the company culture like at True Zero Technologies?

True Zero Technologies is a veteran-owned small business that emphasizes purposeful enablement of people and technology, fostering a community of like-minded, driven, and passionate individuals focused on delivering top-tier services. It has been recognized as a 'Best Places to Work' in 2023 and one of Inc. Magazine’s Top 5000 Fastest Growing Companies in 2022.

What makes a strong candidate for this Splunk Engineer role?

Strong candidates have prior Splunk engineering experience, Splunk Consultant Certification, heavy Splunk ES experience, Cribl and RBAC experience, and work well in a team environment. Backgrounds supporting federal customers are a plus.

True Zero Technologies

Cybersecurity services for IT environments

About True Zero Technologies

True Zero Technologies specializes in cybersecurity services and solutions, utilizing technologies such as Splunk, Tanium, and Cribl to provide actionable insights into IT environments for public and private sector organizations. The company's team delivers scalable solutions, shaping large operational and security programs.

Headquarters: 11325 Random Hills Rd #360, Fairfax, VA 22030, USA
Year Founded: 2016
Company Stage: VENTURE_UNKNOWN
Industries: Consulting
Employees: 11-50
