See more Collapse

Sr. Splunk Enterprise Security App Dev/Administrator

1 month ago

Seattle, United States ITmPowered, LLC Full time

Sr. Splunk Enterprise Security App Dev/Administrator (Remote) – ITmPowered

Sr. Splunk Enterprise Security Developer Administrator will develop, create, integrate, and administer a highly advanced Splunk Security application (eSAR) developed internally to detect improper access to protected data by employees and malicious user activity. Develop Splunk Apps and add-ons in support of Security Access cyber threat monitoring, threat management and data compliance across numerous business critical enterprise applications. Develop advanced Splunk ES Application functionality. Work with Splunk Developers using Agile development and administration using Agile project management methodologies. Work with the Splunk Engineering team, and support Splunk development, data integrations, and application administration using Agile methodologies. Splunk Enterprise Certified Architect OR Splunk Certified Developer required. Splunk Core Certified Consultant Preferred.

RESPONSIBILITIES:

Administering Splunk and Splunk App for Enterprise Security (ES) log management, ingestion, normalization.

Advanced Splunk analytics and the development and administration of custom Splunk applications.

Splunk data integrations with business-critical enterprise applications and systems.

Translating feedback from the business to Splunk technical requirement and solutions.

Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, content using Python, Splunk SPL, Splunk SimpleXML (OR JavaScript, CSS), Bash.

Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.

Leverage Modular design to onboard access/security logging applications and include in incident scoring.

Onboard access logging applications via modular design

Develop Splunk Risk scoring based on compliance conditions to determine suspicious access events.

Develop custom risk scoring to weed out white noise and only show actionable incidents to SOC Analysts.

Develop Dashboards for Security Analysts with detailed drill down capability for incident response.

Develop triage workflows for analysts to assign and track ongoing investigations.

Develop summary indexing enrichment of access events with IAM data, Application data, Break-the-Glass logs.

Aggregate access event data for specific criteria.

Enable fast searching across fully enriched access events over long periods of time.

Develop Break-the-Glass correlations in Splunk for contextual user access / app data mapping & monitoring.

Skills and experience:

Active Splunk Enterprise Certified Architect or Splunk Certified Developer – Required at a minimum.

Splunk Core Certified Consultant – strongly preferred.

Required Experience:

In addition to active Splunk certification(s), must also have experience with the following:

Python development – Proficiency in Python programming language

Splunk SimpleXML or web development (JavaScript, CSS)

Splunk app & add-on development

Splunk data modeling

Strong experience in Splunk development, building dashboards, reports and lookup tables.

Programming experience (Python and Splunk SimpleXML OR JavaScript, CSS)

Working knowledge of Splunk including SPL, indexers, forwarders, search heads

Experience in OOAD, agile processes, design patterns

Expertise in large scale cyber security data analytics, identifying data-driven threat collection opportunities.

Prior Information security analysis experience in a Cyber Security Operations Center (CSOC)

Soft skills

Ability to collaborate with others, leveraging many project approaches (Agile/Scrum, Waterfall, Gantt Charts)

Comfortable working remotely with team members around the country. Self-starter with intellectual curiosity

LOGISTICS:

Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.

Contract role through end of the year with potential for extension and/or conversion to perm.

COVID-19 Vaccine and Booster Required – OR must provide valid medical exemption from doctor in advance.

Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.

You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.

W2 only – No sub vendors. Sponsorship NOT available.

Must have direct contact information on resume (phone / email) to be considered.

#J-18808-Ljbffr

We have other current jobs related to this field that you can find below

  • Sr. Splunk Enterprise Security App Dev/Administrator

    1 week ago

    Seattle, Washington, United States ITmPowered, LLC Full time

    Sr. Splunk Enterprise Security App Dev/Administrator (Remote) at ITmPoweredWe are looking for a Senior Splunk Enterprise Security Developer Administrator to join our team. In this role, you will be responsible for developing, integrating, and administering a highly advanced Splunk Security application internally. Your main focus will be on detecting improper...

  • Sr. Splunk Enterprise Security App Dev/Administrator

    1 month ago

    Seattle, United States ITmPowered, LLC Full time

    Sr. Splunk Enterprise Security App Dev/Administrator (Remote) - ITmPowered Sr. Splunk Enterprise Security Developer Administrator will develop, create, integrate, and administer a highly advanced Splunk Security application (eSAR) developed internally to detect improper access to protected data by employees and malicious user activity. Develop Splunk Apps...

  • Sr. Splunk Enterprise Security App Dev/Administrator

    4 weeks ago

    Seattle, United States ITmPowered, LLC Full time

    Sr. Splunk Enterprise Security App Dev/Administrator (Remote) - ITmPowered Sr. Splunk Enterprise Security Developer Administrator will develop, create, integrate, and administer a highly advanced Splunk Security application (eSAR) developed internally to detect improper access to protected data by employees and malicious user activity. Develop Splunk Apps...

  • Splunk Consultant

    1 month ago

    Seattle, United States TEKsystems Full time

    Description: Our client is looking for a motivated engineer to become a core member of the Cyber Enablement team, specifically in Enterprise Security, guiding the enterprise organization to improve the practice of security observability. As a SIEM Engineer focused on Splunk ES for Cyber Enablement, you will work closely with the Tech Security and...

  • Splunk Consultant

    4 weeks ago

    Seattle, United States TEKsystems Full time

    *Description:* Our client is looking for a motivated engineer to become a core member of the Cyber Enablement team, specifically in Enterprise Security, guiding the enterprise organization to improve the practice of security observability. As a SIEM Engineer focused on Splunk ES for Cyber Enablement, you will work closely with the Tech Security and...

  • Splunk Consultant

    3 weeks ago

    Seattle, United States TEKsystems Full time

    Description: Our client is looking for a motivated engineer to become a core member of the Cyber Enablement team, specifically in Enterprise Security, guiding the enterprise organization to improve the practice of security observability. As a SIEM Engineer focused on Splunk ES for Cyber Enablement, you will work closely with the Tech Security and Compliance...

  • Sr. .Net Dev

    1 week ago

    Seattle, Washington, United States Georgia IT Inc Full time

    Sr. .Net Dev / Architect with Azure or AWS - must be willing to do 2-hour coding interview. Location - Seattle, WA - Remote - must be willing to work PST Duration - 6 months + USC & GC Preferred. No Third-party C2C available for this job Required Experience Looking for 10+ years' experience. 6+ years of experience advanced working as an SDE at an Enterprise...

  • Senior Product Manager

    1 week ago

    Seattle, Washington, United States Splunk Inc Full time

    Senior Product Manager - Federated SearchWelcome to Splunk! We are on a mission to contribute to a safer and more resilient digital world. Our Unified Security and Observability Platform is trusted by over 11,000 enterprise organizations to ensure the security and reliability of their systems. At Splunk, we take pride in our winning culture and being...

  • Senior Product Manager

    2 weeks ago

    Seattle, United States Splunk Inc Full time

    Senior Product Manager - Federated SearchA little about us. Splunk is here to build a safer and more resilient digital world. We’re proud to say that we’re the key to enterprise resilience for more than 11,000 enterprise organizations that use our Unified Security and Observability Platform to keep their systems secure and reliable. We’re also proud of...

  • Manager, Digital Sales

    2 weeks ago

    Seattle, United States Splunk Full time

    Job Title: Manager, Digital Sales Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why...

  • Business Development Representative

    1 week ago

    Seattle, Washington, United States Splunk Full time

    Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've won so many awards as a best...

  • Manager, Digital Sales

    3 weeks ago

    Seattle, United States Splunk Inc Full time

    Job Title: Manager, Digital SalesSplunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. While customers love our technology, it's our people that make Splunk stand out as an amazing career destination and why we've...

  • Direct Client

    2 weeks ago

    Seattle, United States The AES Group Full time

    Title: Sr Azure DevOps engineer (DevOps, Kubernetes, Service Fabric, Python, Automation, Pipelines, and Scripting) Location: Hybrid (Seattle, WA) (Looking for locals or who can relocate) Duration: 12+ months (Extension possible) Job Description As a Sr Systems Engineer, you will partner with developers and software engineers to enable DevOps services and...

  • Direct Client Sr Azure DevOps Engineer

    3 weeks ago

    Seattle, United States The AES Group Full time

    Title: Sr Azure DevOps engineer (DevOps, Kubernetes, Service Fabric, Python, Automation, Pipelines, and Scripting) Location: Hybrid (Seattle, WA) (Looking for locals or who can relocate) Duration: 12+ months (Extension possible) Job Description As a Sr Systems Engineer, you will partner with developers and software engineers to enable DevOps services and...

  • Direct Client – Sr Azure DevOps Engineer

    1 month ago

    Seattle, United States The AES Group Full time

    Title: Sr Azure DevOps engineer (DevOps, Kubernetes, Service Fabric, Python, Automation, Pipelines, and Scripting)Location: Hybrid (Seattle, WA) (Looking for locals or who can relocate)Duration: 12+ months (Extension possible)Job DescriptionAs a Sr Systems Engineer, you will partner with developers and software engineers to enable DevOps services and...

  • Direct Client – Sr Azure DevOps Engineer

    3 weeks ago

    Seattle, United States The AES Group Full time

    Title: Sr Azure DevOps engineer (DevOps, Kubernetes, Service Fabric, Python, Automation, Pipelines, and Scripting)Location: Hybrid (Seattle, WA) (Looking for locals or who can relocate)Duration: 12+ months (Extension possible)Job DescriptionAs a Sr Systems Engineer, you will partner with developers and software engineers to enable DevOps services and...

  • Sr Systems Engineer

    1 month ago

    Seattle, United States Saxon Global Full time

    Sr Systems Engineer Local (In the Office One Day a Week) 10 months, possible extension Top 3 must-have hard skills: 1 Scripting 5+ 2 Cloud 5+ 3 Security 5+ Disqualifiers?: •No App Dev developers! •Not willing to commute to the office Technology requirements?: •Scripting experience •Experience in security and focus on windows operating system...

  • Sr Systems Engineer

    3 weeks ago

    Seattle, United States Saxon Global Full time

    Sr Systems Engineer Local (In the Office One Day a Week) 10 months, possible extension Top 3 must-have hard skills: 1 Scripting 5+ 2 Cloud 5+ 3 Security 5+ Disqualifiers?: •No App Dev developers! •Not willing to commute to the office Technology requirements?: •Scripting experience •Experience in security and focus on windows operating system...

  • Senior Software Security Engineer

    4 weeks ago

    Seattle, United States Cash App Full time

    Job DescriptionJob DescriptionCompany DescriptionIt all started with an idea at Block in 2013. Initially built to take the pain out of peer-to-peer payments, Cash App has gone from a simple product with a single purpose to a dynamic ecosystem, developing unique financial products, including Afterpay/Clearpay, to provide a better way to send, spend, invest,...

  • Senior Software Security Engineer

    3 weeks ago

    Seattle, United States Cash App Full time

    Job DescriptionJob DescriptionCompany DescriptionIt all started with an idea at Block in 2013. Initially built to take the pain out of peer-to-peer payments, Cash App has gone from a simple product with a single purpose to a dynamic ecosystem, developing unique financial products, including Afterpay/Clearpay, to provide a better way to send, spend, invest,...