Splunk Security Analyst III

Key Responsibilities:

• Partner with system owners and correct any logging issues
• Perform daily system audit reviews for compliance
• Partner with system owners to correct any issues with data ingestion
• Maintain Splunk systems internal documentation, including SOP’s and design documents
• Create and optimize searches
• Work with Splunk Engineers to Ensure all data is CIM compliant
• Assist in the proper operation and performance of Splunk, Search Heads and data models
• Works with supervisors to set goals and priorities for individual work and manages time efficiently to accomplish goals.
• Remains focused without becoming sidetracked by non-urgent or less important tasks or interruptions.
• Demonstrates punctuality and reliability in meeting individual deadlines; completes tasks in a timely manner.
• Recognizes presenting business issues impacting own work.
• Gathers data/information on potential ideas and solutions to address the business need.
• Documents components of the business case for change at the direction of more senior colleagues.
• Meets with customers to discuss needs and seek feedback on value of products or services.

Qualifications:

• 5+ years of IT experience in a technical position
• 2 years of hands-on experience with Splunk Enterprise Security
• Certified Splunk Administrator/Enterprise Security Analyst
• Background working as an Enterprise Security Analyst
• Knowledge and Experience working with Splunk API
• Working knowledge of regex
• Working knowledge of JSON and XML formats
• Verbal/written communication skills, e.g. working with customers/users who are not as familiar with Splunk
• Experience with scripting languages (Perl, Bash, PowerShell, Python, Shell) 


Discover your inner Racker: Racker Life