Job Location: Fairfax, VA
The IT Security Splunk Analyst will provide overall engineering and administration in support of NVCC’s distributed clustered Splunk environment, consisting of search heads, indexers, deployers, deployment servers, heavy/universal forwarders and the Splunk Enterprise Security premium app, spanning security, performance, and operational roles.
Duties and Tasks:
The IT Security Splunk Analyst will be onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. The IT Security Splunk Analyst will be editing and maintaining Splunk configuration files and apps. He/she will be a member of the Security team, and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards. The IT Security Splunk Analyst may be required to interact with senior management, as necessary.
- Demonstrated ability to create complex dashboards, forms, and visualizations
- Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms
- Knowledge of Splunk license management preferred
- Knowledge of System Log Files and other structured and non-structured data
- Knowledge of advanced search and reporting commands
- Knowledge of the relationship between the CIM and knowledge objects; ability to create a lookup file, a lookup definition, field aliases, and calculated fields
- Strong knowledge of application monitoring and event management
- Strong knowledge of SPL as well as the ability to develop automated searches and apps using Python or bash/shell scripting
- Bachelor’s Degree; or an equivalent combination of formal education, training, and experience.
- Some experience with Splunk – some architecting, configuring, deploying, and customizing the tool.
- Some experience with the Common Information Model (CIM)
- Significant experience with Linux and Windows operating systems
- Security Professional certifications preferred.
- Experience with maintaining system security using packet filtering, logging, and intrusion detection systems in production computing environments preferred.
- Experience with Cisco Prime and/or Sourcefire Systems preferred
- Experience with Splunk configuration files and architecture
- Experience with Splunk architecture components to include search head clustering, indexer clustering, deployment server and monitoring console.