Job description

Requirements

  • Entry level
  • No Education
  • Salary to negotiate
  • Ashburn

Description

What you’ll be doing...
The Principal Splunk Engineer is a critical part of our Enterprise Managed Security Services (MSS) team and will spend a majority of the time optimizing the Splunk back end platform, creating automated scripts for Splunk, advanced troubleshooting, and working with Security Analysts during complex network threat investigations.
The Managed Security Services team is responsible for protecting the client’s intellectual property, network and computing assets, employee data, and corporate brand from the threats seen in an evolving security landscape. You will be a technical resource for in-depth security incident analysis and security consulting for customers. You will be an expert in Splunk policy tuning, incident management, and security analytics.
Helping the Security Operations Center (SOC) team detect and respond to security incidents, investigate indicators of compromise and advanced persistent threats against the clients
Partnering with the client’s IT, Security Operations, and Incident Response teams to remediate these threats against their assets
Regularly reviewing the security policies and configurations on the platforms with the clients to meet the challenges posed to the client’s network and to mitigate with the existing technologies deployed
Providing advanced security incident analysis, research, and evaluation to complement the escalations provided by our SOC
Handling the backend Splunk administration and tuning
Developing and performing advanced or custom queries to correlate data across multiple systems or formats
Providing guidance and recommendations on risk and security posture at the client’s site
Providing functional expertise for customer projects that contain in-scope security requirements
Consulting, determining level of effort, specifying equipment, and implementing recommendations and guidance
Proactively or reactively generate proposals for recommended, corrective courses of action based on security incidents or RCA reports
Consulting with SOC support personnel on most pertinent security incidents, and providing customers with remediation recommendations
Consulting, mentoring and training internally to interact and assist other MSS personnel as a technical escalation point for complex security architecture review and operational enhancement
Using reports and summaries to identify ongoing items affecting customers or systemic problems in event generation, normalization, or presentation
Collaborating with IT development, intelligence teams, and content creation teams to identify and correct bugs, improve threat detection content, or introduce new features
Developing resolutions to complex problems that require the frequent use of creativity\
The ITIL certification is a departmental development benchmark. All security analysts and engineers are required to obtain an ITIL Foundation certification within one year of their start date.
What we’re looking for...
You’ll need to have:
Bachelor’s degree or four or more years of work experience
Six or more years of relevant work experience as a Splunk Engineer, Analyst, or Architect
Experience with security incident analysis, intelligence collection, auditing, or reporting process/procedures
Experience scripting or coding in one or more languages such as Perl, Python, Bash/UNIX shell, and/or SQL
Experience with linux command line skills and experience with tools such as grep, awk, sed, yum, and/or apt
ITIL v3 certification, or the ability to obtain the certification within one year of hire date
Even better if you have:
Master’s degree in Cybersecurity, Information Assurance, Computer Science or other technical field
Seven or more years of experience as a Splunk Engineer, Analyst, or Architect
Seven or more years direct experience in security incident analysis, intelligence collection, auditing, or reporting process/procedures
Splunk Certified Administrator or Architect
Expert level understanding of security threats and how to mitigate those threats
Administration experience with enterprise security products from vendors such as Fortinet, Palo Alto, Cisco, Check Point, Bluecoat, FirePOWER, Cylance, or Tanium
Experience performing data analysis using Elasticsearch/Kibana or Oracle BI
Experience using issue or project tracking tools such as Bugzilla, Jira, or similar
Experience using common software development tools such as git or mercurial
Experience deploying, securing, or managing virtual machines on VMware,

About the company

For more than 100 years, Verizon has been at the center of the communications revolution.
Verizon is one of the largest communication technology companies in the world.

We help people, businesses and things communicate better.

The digital world promises consumers a better, more connected life, and we’re the ones delivering it. We make it possible for people to stay in touch and businesses to connect with their customers. We’re also bringing technology and hands-on learning opportunities directly to kids who need it most. Our goal is to inspire tomorrow’s creators to use technology to build brighter futures for themselves, their families and the world.

Companies in this sector