Splunk Engineer - Consultant - Remote

Overview

The Splunk Engineer will be part of a team maintaining various client's Splunk instances with a focus on data on-boarding, content development, reporting, and visualizations.

In Short

• Join a team of Splunk Engineers at True Zero Technologies.
• Maintain and enhance clients' Splunk instances.
• Focus on data onboarding and content development.
• Collaborate with the Splunk Architect/Admin.
• Develop actionable alerts and workflows.
• Implement machine learning models for anomaly detection.
• Support CISO teams with training and workshops.
• Work with various stakeholders for event logging.
• Utilize Risk-Based Alerting effectively.
• Access to a community-driven knowledge base and tools.

Requirements

• US Background Check Required.
• Experience with Risk-Based Alerting.
• Accredited Enterprise Security Administrator in Splunk.
• Splunk Core Certified Consultant.
• 3-5 years of hands-on experience preferred.
• Experience ingesting logs via Cribl.
• Ability to develop and implement custom dashboards.
• Understanding of network protocols and event telemetry.
• Experience with automation to improve workflows.
• Capability to develop risk rules for significant cyber events.

Benefits

• Access to a community of driven professionals.
• Opportunities for collaboration and growth.
• Access to internal knowledge-sharing tools.
• Support for professional skill development.
• Recognition as a top workplace.