Splunk Engineer
Rackspace Technology
CloudDNSFirewallsJavaScriptLinuxPerlPythonShell ScriptingSplunkUnix
Senior Security Operations Engineer
Optiv
full-time
Posted on:
Location Type: Remote
Location: Remote • Massachusetts, Montana, Texas, Utah • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
ApacheDNSFirewallsLinuxPythonRubySMTPSplunkSQL
About the role
- Serve as a primary responder for AFC customer systems, taking ownership of client configuration issues and tracking through resolution.
- Act as a point of escalation for junior level Engineers and provide guidance and mentoring.
- Advise best practice on SIEM/MDR/SOAR products to both technical and relatively non-technical personnel.
- Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies.
- Implement and configure SIEM/MDR/SOAR software and appliance-based products in large enterprise and Government environments.
- Develop and maintain security content and reporting.
- Perform knowledge transfers to clients regarding security and system configuration awareness.
Requirements
- 4-7 years professional experience maintaining SIEM or infrastructure systems in the Information Security field.
- Minimum 18-months hands-on experience in Google SecOps.
- College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
- Understanding of network architecture and implementation; experience with network security analysis.
- Excellent time management, reporting, and communication skills.
- Superior IT problem-solving skills.
- Experience with SIEM content and reporting.
- Experience working with Linux OS.
- Experience writing/developing scripts (e.g. python, bash, ruby, powershell).
- Experience working with Internal and client Ticketing and Knowledge Base Systems (i.e. Jira, Confluence, etc.).
- Experience with various SIEM security products such as: Exabeam, Chronicle, Sentinel, LogRhythm, QRadar, Splunk.
- Experience with infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
- General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security +, or other security certifications).
- Knowledge of Linux and Windows Operating Systems.
- Understanding of server grade applications such as DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
- Training and experience in one or more non-SIEM network security products including Endpoint security, Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva or similar.
- Certifications: CCNA, CCDA, CCSA, CCIE, CISSP, CEH, or MCSE.
- Familiarity with DevOps
- Ability to participate in on-call support
- Demonstrated experience and success in a Managed Service client environment
- Ability to work greater than 40 hours per week as needed
Benefits
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)
ATS Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
SIEMMDRSOARGoogle SecOpsLinuxPythonBashRubyPowerShellNetwork Security Analysis
Soft skills
Time ManagementReportingCommunicationIT Problem-SolvingMentoringClient ConsultingKnowledge TransferGuidance
Certifications
GIACCISSPCCSECISAHBSSNSACEHCCNACCDAMCSE
Similar jobs on JobTailor
Security Engineer
Galaxy
AWSAzureCloudGoogle Cloud PlatformPythonSplunkSQL
Security Operations Center Analyst
Peak Support
CloudCyber SecurityDNSFirewallsJavaScriptSplunkTCP/IP
CyberArk Engineer
MBL Technologies Inc.
AWSAzureCloudCyber SecurityFirewallsJavaScriptLinuxSplunkSQL
Network Administrator III
ValidaTek, Inc.
AWSCloudOracleServiceNowSplunkSQL