Wood Consulting
Location
Annapolis Junction, MD | United States
Job description
SIEM (Security Information & Event Management) Engineer / Splunk Certified Admin
woodcons.com
Seeking a Security Information & Event Management Engineer / Splunk Certified Administrator.
Security Clearance Requirements:
This position requires candidates to be U.S. Citizens and possess a TS/SCI Security Clearance with an appropriate Polygraph.
Required Education & Years of Experience
Required Skills
At least 2 years of experience with one or more of the following: StealthWatch, TripWire, Zenoss, ArcSight, Splunk.
Experience in design, implementation, and support of Splunk core components, including: indexers, forwarders, search heads, and cluster managers.
Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
Experience with troubleshooting Splunk dataflow issues between the various Splunk core components.
Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
Experience creating Dashboards and Analytics within SIEM tools.
Experience working with monitoring systems supporting auditing, incident response, and system health.
Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
The ability to troubleshoot issues with log feeds, search time, and field extractions.
The ability to troubleshoot problems related to data solutions.
Desired Skills
Desired Certifications
Security+ Certification.
GIAC Certified Incident Handler Certification.
GIAC Cyber Threat Intelligence Certification.
Cybersecurity certifications.
WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.