New Opportunities

Join our growing team of talented technology leaders.

Security Analyst (SIEM Administrator)

Boca Raton, FL Posted: 01/16/2022


Knowledge, Skills and Abilities

  • Must have 5 to 7 years' hands-on experience with Splunk.
  • Must have 5 to 7 years' experience with Unix (Red Hat), Windows, VMware, and other platforms.
  • Must have 2 to 3 years' working experience with a vulnerability scanning tool (Rapid7 Nexpose preferred).
  • Must have an advanced understanding of database environments such as SQL and Oracle.

Roles & Responsibilities

  • The Security Analyst will focus on advanced Splunk administration, configuration, and development, with the goal of enhancing and further refining the Splunk infrastructure as it relates to application and machine logs, troubleshooting, reporting, customer queries, and dashboard building.
  • Focus on continual evaluation, process improvement, and maximizing Splunk capabilities to increase value to cross-functional Information Technology teams.
  • Assist the SRCO team with investigations, triage, forensic analysis, and evidence preservation.
  • Perform threat intelligence and threat hunting using the security tools already in place.
  • Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms, including UNIX, Windows, VMware, SQL, Oracle, and data storage environments.
  • Troubleshoot Splunk server and agent problems, and serve as the escalation point for Splunk operations support.
  • Monitor the agents and server infrastructure for capacity planning and optimization.
  • Design Splunk dashboards for monitoring PCI-DSS, financial, and perimeter security environments, and others as required.
  • Design and maintain support for SaaS environments to ensure that appropriate logging and monitoring are maintained.
  • Ensure that the Splunk environment maintains a viable failover capability that is tested on a regular basis.
  • Perform vulnerability scans of applications, databases, and server environments aligned with PCI-DSS standards and industry best practices.
  • Work with the respective cross-functional Information Technology teams to ensure that identified vulnerabilities are remediated within the timeframes outlined by PCI-DSS standards and industry best practices.
  • Perform cross-functional training for other SRCO team members in Splunk tool management and monitoring.
  • Provide support to the firewall administrator, and work with the SRCO team to assist with forensic analysis and investigations.
  • Ensure compliance with the standards, policies, and configuration guidelines established by SRCO, and with industry best practices.

Education

  • 4 year degree or equivalent experience.

Certification

  • CISSP (Certified Information Systems Security Professional)
  • Splunk Enterprise Certified Administrator (preferred)
  • Splunk Enterprise Security Certified Administrator (preferred)