• 5+ years of experience with Splunk 
• Splunk certification 
• Experience in design, implementation and support of Splunk core components, including indexers, forwarders, search heads, and cluster managers 
• Experience with configurations and administration of Splunk ingestion and forwarding for new and existing applications and data 
• Experience with troubleshooting Splunk dataflow issues between the various Splunk core components 
• Experience configuring and deploying data collection for a variety of operating systems and network platforms 
• Experience creating Dashboards and Analytics within SIEM tools 
• Experience working with monitoring systems supporting auditing, incident response, and system health 
• Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps 
• The ability to troubleshoot issues with log feeds, search time, and field extractions 

• ability to articulate dashboards through presentations 
• excellent written and verbal communication skills 

• Bachelor's Degree in Computer Science, Engineering, Information Security, or a related discipline 
• Splunk certification 

• Designing, maintaining and troubleshooting the SIEM environment
• Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
• Manage, develop and tune the scripts that integrate SIEM
• Design and generate data parsers as necessary to optimize ingestion of data from a wide variety of devices including servers, firewalls, Cloud Applications
• Maintain comprehensive documentation of security controls, policies, and procedures for SIEM environment. 
• Creating workflows for Incident Response within a SIEM Tool
• Assist with Incident response and Cyber investigations.

Department: Preferred Vendors
This is a contract to hire position