Senior level Splunk developer

Hi Team
Pay Rate $63/hr. C2C
Client : Vanguard

Senior level Splunk developer, familiar with general security concepts, writing SPL, building alerts, searches, reports, dashboards, etc.

Also, the position is for TX and/or NC office.

quick clarification on the work location ..if we find the right candidate we can hire in PA as well but ideally, we would prefer 1-Tx office, 2-NC office, 3-Pa office.

Also, the successful candidate will be expected to be on-site 3 days a week (tues, wed, thurs).

Demonstrated initiative and ability to work independently with attention to detail.

Demonstrated ability to be flexible and exercise good judgment.

Demonstrated strong organization and time management skills.

Excellent multitasking and time management skills.

Experience with Splunk or other SIEM products.

Experience with query languages.

Responsibilities

To perform network and endpoint threat hunting and creating and maintaining Vanguard's SIEM correlation rules, reports and dashboards. To provide automation for SOC processes and creating and maintaining SOC standard operations procedures.

Qualifications

Works with IT Platform, Application, System and Network teams to review Logical, Physical and Data architecture diagrams. Normalizes endpoint behavior, data access and network traffic. Implements security monitoring and documents standard operations procedures for the Incident Management Team.

Implements security monitoring rules, reports and dashboard while maintaining best practices to ensure maximum security tool efficiency. Monitors security systems, analyzes events and investigates security-related incidents.

Creates Threat Hunting models for Endpoints and Network Traffic. Analyzes endpoint including logging, EDR, IPS and DLP tools. Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools. Focuses on critical systems within Vanguard's network to detect, respond and handle incidents related to unauthorized activity, malware, and APTs

Keeps management within the department informed by communicating progress, issues, concerns and opportunities. Assesses and immediately notifies manager of any potential information security breech and security issues that may have a negative impact on business operations.

Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise. Maintains an awareness of the department's dashboard and provides suggestions to improve performance.

Identifies Tactical Intelligence relevant to Vanguard systems. Works with Incident Management and Threat management to follow incident response procedures to ensure proper detection, mitigation controls.

Escalates internal threat issues to the Insider Threat Team.

Participates in special projects and performs other duties as assigned.