Splunk Enterprise Security Admin
Ref No.: 18-17153
Location: Stamford, Connecticut
The Splunk Enterprise Security Admin will perform enhancements, upgrades, and expansions to a large enterprise-scale Splunk Enterprise Security implementation in a Search Head Cluster. He or she will drive new technical integrations and best practices, assist with migration to the cloud, ensure robust searching and alerting across clusters, and troubleshoot issues as needed. The Splunk Enterprise Security Admin provides guidance and support to the Splunk Operations team and partners closely with the Security Content team, AWS Cloud team, Identity and Access Management, and the Splunk Development teams to enhance practices and ensure that Splunk is performing exceptionally well and reliably across the enterprise.

• 3+ years' experience configuring and managing Splunk
• 2+ years' experience as Splunk Admin, Architect or security content developer
• 1+ years' experience with Enterprise Security Administration
• Certified as either Splunk Admin or Power User
• Bachelor's Degree and a minimum of 5 years of information technology experience or, in lieu of a Bachelor's Degree, a High School Diploma/GED and a minimum of 9 years of information technology experience

• Experience as Splunk Enterprise Security Admin in an enterprise-scale environment
• Experience with Splunk Cloud
• Proficient with SAML, Python, JavaScript and REST
• Proficient with automation tools – Chef, Ansible
• Experience with Agile Management Principles
• Experience with Version Control tools – Git, Bitbucket
• Expertise in Data Management and Enrichment
• Expertise in security data sources and use cases
• Knowledge of Data Analytics
• Results driven, strategic, conceptual, and innovative thinker
• Excellent consulting skills and superior ability to develop and maintain effective client relationships
• Ability to work independently as well as part of a team
• Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems
• Expertise to clearly define complex issues despite incomplete or ambiguous information
• Strong oral and written communications skills
• Strong interpersonal and critical thinking skills
• Excellent communication and relationship building skills
• Expert knowledge of Splunk Development, including scripting and API development
• Strong analytical skills

• Manage and implement upgrades, enhancements, and expansions for Splunk Enterprise Security in a search head cluster environment
• Provide end-to-end technical oversight across security-relevant Splunk technology add-ons and knowledge objects
• Collaborate to ensure integration of all security tools, including security orchestration tools and threat intelligence feeds, as well as asset and identity data
• Support development of scripts (Python, JavaScript, etc.) as needed in support of data collection or integration
• Develop searches, reports and dashboards as needed in support of the detection team and Joint Security Operations Center
• Manage access controls for the Enterprise Security cluster
• Perform capacity planning and integration across the environment
• Maintain documentation including Management Guides, Operation Plans, Workflows, Processes, and Continuity of Business Plans