CyberGen is an established security consulting and services provider with an expert technical staff around the globe. We specialize in all manner of cybersecurity solutions with diverse and broad experience in the industry

 We are seeking a Splunk Engineer to join our team. Exciting and challenging opportunity for someone who is interested in bringing their passion, dedication, and expertise to support the Information Security Event Management team. You will support engineering efforts to design, build and maintain a new Splunk SaaS platform and support expansion of security log collection across a large hybrid environment.

 Primary Responsibilities

• Deep understanding of SplunkES and Splunk Cloud
• Build Splunk queries and reporting and dashboards / tables / automated reports and metrics
• Work with internal teams for mapping and documenting Splunk indexes and data sources
• Recommendations for cleaning up duplicate and redundant data sources feeding to Splunk
• Work with SOC to review, tune existing Splunk queries and Alerts
• Review deprecated integrations and provide clean up recommendations
• Health dashboard for critical integrations and security tools

 Required knowledge, skills, and abilities (KSAs)

• 4+ years of experience with deploying, configuring, and performing functional testing and data validation in a Splunk environment
• Experience implementing Splunk installations from the ground up, including various server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
• Must have advanced knowledge of Linux and Windows operating systems, and cloud technologies
• Preferred certifications: Splunk Enterprise Certified Admin, CISSP, AWS/Google Cloud Platform/Azure, GMON