IT - Systems Integration
Jan 18, 2020
Our client is a leader in Cyber security. Working out of their head office in West GTA, they are seeking contract or permanent Splunk experts.
Being a security consultancy, you would be working directly with clients. The Splunk Cyber Security Consultant is responsible for providing security advisory services for various projects and initiatives, such as cyber security assessments, information security policy and framework development, security roadmap design, privacy and risk assessments, threat modelling and materiality determination, security solution design and implementation, and similar such projects including medium to long-term assigned consulting engagements. This role requires an individual who understands the various challenges and risks that organizations have in consistently implementing security policies and standards and measuring the effectiveness of implementation.
- Understand requirements, participating in creating/proposing solutions to deploy and expand Splunk infrastructure in a highly resilient configuration
- Architect, engineer, implement complex Splunk Enterprise environment designed to meet security and compliance requirements for our clients
- Create and document architectures and configurations for Splunk deployments
- Install and configure Splunk components as per architected solution
- Work closely with other technical teams to provide recommendations and guidance on required configurations to deploy Splunk
- Recommend and implement strategies to collect logs from variety of systems in medium and large networks
- Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms
- Working with multiple data sources to import the data, parse/clean and index it as required
- Configure file and directory inputs.
- Configure network inputs.
- Configure Windows inputs.
- Configure source types.
- Manage indexes, set retention policies, manage data archival and move to frozen state.
- Add/modify/remove alerts
- Create and manage dashboards
- Manage integrations to other event and service management tools
- Create/modify search jobs schedules
- Configuring data forwarding
- Design and develop Splunk reports, dashboards, applications
- Troubleshoot Splunk server and agent problems and issues
- Support Splunk on Unix, Linux and Windows-based platforms
- Complete assignments in work request queue in a timely manner
- Other duties as assigned.
Required Skills / Experience:
- Bachelor’s degree or post-secondary diploma in Computer Engineering, Computer Science or related field
- Minimum 5 years IT Operations or Information Security Operations experience
- Minimum 2 years Splunk experience
- Experience in technical systems consulting
- Highly proficient in Splunk administration, SPL and creating reports/dashboards
- Highly proficient in UNIX/Linux environment and shell scripting
- Be self-motivated and willing to work collaboratively with both customers and fellow colleagues
- Be organized with a healthy sense of urgency
- A willingness to travel within North America up to 30% of the time