Splunk Enterprise Security (ES) Implementation Specialist
Ellington Cyber Academy - Miami, Florida, us, 33222
Overview
Ellington Solutions is seeking out qualified candidates that will:
- Oversee the comprehensive deployment, configuration, and operational implementation of Splunk ES to support the expansion of our cybersecurity program
- Take charge of onboarding various data sources, fine-tuning correlation searches, tailoring security content, and facilitating actionable security insights throughout the organization
- Plan and execute the implementation of Splunk ES, which includes gathering requirements, designing the architecture, and carrying out the deployment
- Onboard and standardize log data from diverse sources (such as firewalls, endpoint security systems, and cloud platforms) to comply with the Common Information Model (CIM)
- Configure and optimize Splunk ES's correlation searches, dashboards, and notable event rules to address specific business security needs
- Work in collaboration with security operations and engineering teams to integrate threat intelligence feeds, ticketing systems, and SOAR platforms
- Create and document procedures for incident detection, alert triage, and response workflows utilizing Splunk ES
- Continuously enhance the performance, storage, and detection capabilities of ES to minimize false positives and enhance signal quality
- Offer training and support to analysts and other stakeholders on effectively utilizing Splunk ES for threat detection and investigation
- Keep informed about emerging threats and Splunk security best practices to consistently improve detection capabilities
Requirements
The qualified candidate will have:
- US Citizenship (Required)
- A minimum of Secret clearance (Required)
- A minimum of 3 years of practical experience with Splunk, particularly in Enterprise Security (ES)
- Comprehensive understanding of log data, SIEM architecture, and core cybersecurity principles
- Experience in data onboarding and normalization processes utilizing Splunk CIM
- Demonstrated capacity to compose and enhance SPL (Search Processing Language) queries
- Knowledge of security use cases, including threat detection, insider threats, compliance requirements, and vulnerability monitoring
- Strong analytical and problem-solving abilities, coupled with a keen attention to detail
- Exceptional communication and documentation skills
- Possession of Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin)
- Experience in integrating SOAR platforms or automation tools
- Understanding of regulatory compliance frameworks (e.g., PCI-DSS, HIPAA, NIST)
- Familiarity with threat intelligence platforms and data feeds (e.g., STIX/TAXII, MISP)
Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: IT Services and IT Consulting