Splunk Enterprise Security consultant - Charlotte, United States - Global Channel Management
Description
Job Description:
Splunk Enterprise Security consultant needs 5+ years of on-premise Splunk Enterprise (SE) 7.X, 8.X experience in administration and environment upkeep - configuring, implementing, supporting SE across Windows Server, Linux/Unix platforms.
requires:
7+ years in Information Technology
Technical experience in a Splunk Enterprise multi-datacenter clustered environment with daily data ingestion above 10+ Terabytes
Good understanding of and experience in scripting languages - Python, Perl, Bash, PowerShell
Exclusive technical knowledge and experience from a Cybersecurity standpoint in analyzing logs and in detecting anomalies from disparate sources - Public cloud, endpoints, network, storage, security event sensors, firewall, syslog, Web services, authentication systems...
Knowledge and 1+ year in cloud technologies - AWS preferred.
Deep technical knowledge of Splunk Enterprise architecture and components - Forwarders, Search Heads, Indexers, Deployers, License Master, Data Collection Nodes.
Exclusive experience in CIM, data model acceleration, SPL, knowledge objects, reports, dashboards, alerts, data/field extractions
Knowledge of installing, implementing Splunk Enterprise Security
Comprehensive knowledge of Linux and Windows Server operating systems and decent knowledge of administration in Linux
Good understanding of Software Development Life Cycle (SDLC) process and OSI model, Agile methodologies
Splunk certifications in power user, administration, Enterprise Security - a plus.
AWS practitioner certifications - a plus
Exposure to BigFix, Java programming - a plus
Familiarity with Ansible
Ability to work professionally and communicate effectively in cross-functional team settings across multiple geographical locations
Bachelor's in computer science / information technology - a plus
Splunk Enterprise Security consultant duties:
Implement archiving solution for security events
Routinely upgrade Splunk Enterprise Security
Implement automation improvements and intuitiveness for security use case orchestration, responses (through Splunk, SOAR or other internal tool and processes)
Data normalizing / data management / log filtering
Onboarding application logs from various event sources/applications/processes
Leveraging and extending more of Splunk Enterprise Security capabilities
Company Description:
Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals.
GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function.
Organizations need to reduce training and labor costs but at the same time require the best "talent" for the job.