Role: SPLUNK SME (Specialist)
Location (onsite/Remote): Wilmington, Delaware
Rate: CBR has to be $/Hr 150K FTE
The Security Consultant will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, and other Security Engineers at the client side, provide operational support and guidance to the existing team managing the Splunk SIEM, and troubleshoot operational issues with the Splunk SIEM tool. The consultant should be able to create relevant use cases for Splunk and fine-tune existing use cases.
Qualifications:
- 3+ years professional experience managing and maintaining the Splunk SIEM tool.
- 1+ years professional experience working with networks and network architecture.
- 2-3 years professional experience working in the Security field.
- 1+ year professional experience writing SIEM content.
- Prior experience in a technical team leadership role.
- College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
- Advanced information security knowledge in one or more areas such as: Enterprise end-point security products (e.g. McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.); Security Information and Event Manager (SIEM), to include: NitroSecurity, ArcSight, Q1 Labs, RSA Envision; Network Firewall, Web Proxy, E-Mail and Web Gateway etc., to include: Palo Alto / Checkpoint / Juniper / McAfee / Cisco / Blue Coat / Imperva.
- Experience with Linux and Windows OS.
Minimum Eligibility:
- 2+ years' experience managing and configuring the Enterprise Security Application
- Certified Splunk Admin at a minimum, Certified Architect or Equivalent Accreditation preferred
- Knowledge of Linux and Windows Operating Systems.
- An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
- Experience with various SIEM security products such as ArcSight, QRadar, Nitro, Splunk, and LogRhythm, and with infrastructure components such as proxies, firewalls, IDS/IPS, DLP, etc.
- Familiarity with DevOps