Splunk Service Engineer

ECS is seeking a Splunk Service Engineer to work in our Morrisville, NC or Washington, DC office. Job Description:ECS is looking for a Splunk Service Engineer responsible for tuning and configuration of Splunk for Enterprise Security (ES) services, develop use cases with CISO end users to build content and assist in developing advanced security use cases. Participate in requirements gathering, solutions architecting, design and build of technology solutions to support Continuous Monitoring Program.Required Skills:Eligible to obtain a Public Trust clearanceBachelor''s DegreeDevelop and Implement Actionable Alerts and Workflow for Splunk as a CISO Monitoring toolDevelop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models Configure incident response and remediation workflows for ESWork with the Splunk Architect/Admin to promote private KO to Global KOEvaluate enterprise security risks and identify recommendations for maturing and evolving Continuous Monitoring Program to facilitate proactive identification and mitigation of risk.Develop risk rules and risk incident rules to correlate and alert to significant cyber events.Develop custom dashboards specific to RBA to highlight risk detail, health analysis and risk suppression.Develop workflow actions to display details around a risk alert.Assist and/or train CISO Splunk Engineering team on Data Lifecycle SupportAssist and/or train CISO Engineering team and analysts on Content DevelopmentDevelop and implement automation and efficiencies with Splunk and CISO workflowProvide Analyst training and workshops on using SplunkReview new content, alerts and data sources with CISO Analysts.Assist in development of advanced security use cases in SplunkUnderstanding of network protocols.Work with CISO Operations and Engineering to gather requirements for building content and use cases in Splunk.Have strong communication and collaboration skills, both oral and written, with excellent interpersonal and organizationECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

Created: 2021-11-29