Senior Splunk Engineer (SIEM) (REMOTE & W2 ONLY)

Company:  Milestone Technologies, Inc.
Location: Chicago
Closing Date: 02/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description

Senior Splunk Engineer (SIEM)

REMOTE Nationwide but prefer candidates in Silver Spring; MD

6 Months Contract with possibility of extension and/or Conversion


Overview:

The Security Tools Engineer administers, monitors, and maintains security infrastructure, which includes but is not limited to application and container security tools, security orchestration solutions, security information and event monitoring (SIEM), Network Security Tools, system logging and analysis, endpoint security tools, and vulnerability management systems. The position also assists in implementing and maintaining corporate security standards, technologies, and programs.


The Security Operations Engineer plays a key role in the information security team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. Ideal candidates will have a mix of security and systems engineering backgrounds to ensure that business processes are configured correctly and that security best practices are designed and implemented. Candidates will also possess exemplary communication skills to articulate and disseminate security policy to the business.


Responsibilities

  • Build and maintain complex technical infrastructure that supports a secure platform that protects our data at rest and in transit.
  • Work closely with Enterprise and business owners to identify endpoint coverage scope, strong analytical skills related to working with operating systems and security toolsets.
  • Provide technical guidance on industry tools and best practices in the field of endpoint security.
  • Monitor and maintain security tools that instrument security policies and capabilities.
  • Provide expertise in the field of managing enterprise security systems, specifically the ability to determine the least business impactful way of implementing security tools and features.
  • Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
  • Administration of system infrastructure that is hosted within a public/private/hybrid infrastructure.
  • Remain current with new security trends, continuously assessing systems to ensure they are appropriately configured to defend the business.
  • Experience in deploying and correlating threat intelligence and vulnerability management solutions.
  • Provide expertise in day-to-day security operations such as onboarding/offboarding of security endpoint agents, user access management, systems’ security and administration, configuration changes, system upgrades, ensuring 24x7 systems availability & DR, etc.
  • Serve as a point of contact for incident response analysts, security operations center (SOC) analysts, application engineers and security management.


Technology Requirements

  • Splunk Admin Certified and nice to have AWS certifications
  • Extensive experience with Cloud infrastructure (AWS preferred) - EC2, ECS, Route53, SNS, Lambda, CloudWatch, Secrets Manager, RDS, etc.
  • Extensive experience with configuration management tools, such as Ansible or Chef and infrastructure as code tools such as Terraform or CloudFormation.
  • Experience with scripting languages such as Python or Go
  • Experience in administering SIEM solutions in an enterprise environment including configuring and customizing log data ingestion.
  • Experience in managing a variety of security tools and technologies (SOAR, SIEM, etc.)
  • Experience in configuring authentication and authorization concepts (RBAC, IAM)
  • Extensive experience in Splunk and related SIEM and SOAR technologies (Cribl, Demisto)
  • Experience integrating internal platforms with SaaS Solutions such as Tenable and Sentinel One.
  • Experience building Docker containers.


Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.


Compensation:

The estimated pay range for this position is USD $90.00/hr - $100.00/hr and is an Exempt role.

Exact compensation and offers of employment are dependent on circumstances of each case and will be determined based on job-related knowledge, skills, experience, licenses or certifications, and location.


Benefits:

We offer comprehensive benefit options which vary depending on role, location, and employment type. The Talent Acquisition Partner can share more details about compensation or benefits for the specific role during the hiring process.

Apply Now
An error has occurred. This application may no longer respond until reloaded. Reload 🗙