Splunk Enterprise Security Engineer - Reston, VA (Only local candidates)

Lorven Technologies

  • Reston, VA
  • Permanent
  • Full-time
  • 1 day ago
Job Title: Splunk Enterprise Security Engineer
Location: Reston, VA (Only local candidates)
Description:
  • We are seeking a skilled and proactive Splunk Engineer to join our Information Security Engineering team.
  • This role is responsible for managing and optimizing our Splunk environment, developing dashboards, integrating logs, and supporting enterprise security initiatives.
  • The ideal candidate will have strong troubleshooting skills, experience with performance tuning, and a solid understanding of AWS and Python scripting.
  • The candidate should have developer and admin experience.
Core Responsibilities:
  • Troubleshooting Splunk Issues
      • Diagnose and resolve performance, indexing, and search-related problems.
      • Monitor Splunk health and optimize system reliability.
  • Dashboard Development
      • Design and implement custom dashboards using Splunk's visualization tools.
      • Translate business requirements into actionable insights.
  • Performance Tuning
      • Optimize search queries and indexing strategies.
      • Improve data ingestion and system responsiveness.
  • Address Vulnerability
  • Managing Enterprise Security
      • Utilize Splunk Enterprise Security (ES) for threat detection and incident response.
      • Develop correlation searches and risk-based alerting.
  • Log Integration with Splunk
      • Onboard logs from various sources (servers, cloud platforms, applications).
      • Normalize and parse data using props and transforms.
Required Skills:
  • AWS Knowledge
      • Experience integrating AWS services (CloudTrail, CloudWatch, S3, etc.) with Splunk.
      • Familiarity with cloud architecture and security best practices.
  • Scripting Experience (Python)
      • Automate Splunk tasks and data processing using Python.
      • Develop custom scripts for data enrichment and API integrations.
