Splunk Engineer

Pueo is known for bringing the best talent and unique tools to every opportunity. Pueos Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a business organization that thrives on career development and support of mission and professional growth our Parliament has supported the development of multiple patents proprietary tools and applications as well as trademarked processes.

Our organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employees desires and capabilities and we ensure challenges growth and unique experiences are available for employees at all levels.

Our Career Environments (Program Functional Service and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship understanding and peer support.

OVERVIEW:

A technical expert who manages and optimizes the Splunk environment ensuring accurate log ingestion dashboard development and content creation to enable real-time detection and incident response.

GENERAL DUTIES:

• Maintain and optimize distributed Splunk architecture (indexers forwarders search heads).
• Design and develop dashboards reports and custom SPL queries.
• Create and manage Splunk knowledge objects (e.g. lookups macros tags).
• Integrate disparate data sources for real-time analysis and threat detection.
• Collaborate with TESIEMS and SOC teams for tuning detection content and workflows.
• Support patching upgrades and Splunk platform administration.

REQUIRED QUALIFICATIONS:

• 47 years of Splunk or SIEM experience.
• Strong knowledge of data normalization log ingestion and indexing pipelines.
• Experience with SOAR automation and Splunk content development.
• Degree Requirements (if applicable) bachelors degree from an accredited institute in an area applicable to the position in Cybersecurity Computer Science Information Systems or a related discipline.
  • Three (3) years of additional experience in lieu of degree.
• Splunk certifications (e.g. Splunk Core Certified Power User Splunk Certified Admin/Architect)
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Cyber Security Analyst (CySA) are highly desirable.

CLEARANCE:

• Secret minimum

Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race color religion sex national origin disability age sexual orientation gender identity genetic information or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities women protected veterans and individuals with disabilities.