Job Title: Splunk Enterprise Security (ES) Implementation Specialist
36 months
onsite St Doral FL 33172 USA
*** MUST HAVE SECRET CLEARANCE***
Job Summary
We are seeking a highly skilled Splunk Enterprise Security (ES) Implementation Specialist to lead the end-to-end deployment, configuration, and operationalization of Splunk ES in support of our growing cybersecurity program. This individual will be responsible for onboarding data sources, tuning correlation searches, customizing security content, and enabling actionable security insights across the organization.
Key Responsibilities
Plan and manage the implementation of Splunk ES, including requirements gathering, architecture design, and deployment.
Onboard and normalize log data from a wide range of sources (e.g., firewalls, endpoint security, cloud platforms) to align with the Common Information Model (CIM).
Configure and tune Splunk ES correlation searches, dashboards, and notable event rules to meet business-specific security use cases.
Collaborate with security operations and engineering teams to integrate threat intelligence feeds, ticketing systems, and SOAR platforms.
Develop and document processes for incident detection, alert triage, and response workflows using Splunk ES.
Continuously optimize ES performance, storage, and detection content to reduce false positives and improve signal quality.
Provide training and guidance to analysts and other stakeholders on using Splunk ES for threat detection and investigation.
Stay up to date with emerging threats and Splunk security best practices to continually enhance detection capabilities.
Qualifications
Required:
3+ years of hands-on experience with Splunk, including Enterprise Security (ES).
Deep understanding of log data, SIEM architecture, and cybersecurity concepts.
Experience with data onboarding and normalization using Splunk CIM.
Proven ability to write and optimize SPL (Search Processing Language) queries.
Familiarity with security use cases such as threat detection, insider threat, compliance, and vulnerability monitoring.
Strong analytical and problem-solving skills with attention to detail.
Excellent communication and documentation skills.
Preferred:
Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin).
Experience integrating with SOAR platforms or automation tools.
Familiarity with regulatory compliance frameworks (e.g., PCI-DSS, HIPAA, NIST).
Knowledge of threat intelligence platforms and feeds (e.g., STIX/TAXII, MISP).