12 Nov
Security Analyst (SIEM Administrator)
Vacancy expired!
job summary:
Summary This position reports to the Security Risk Compliance Office Manager (SRCO), Information Technology office. This Security Analyst is a key member of the Security Risk Compliance Office team. The successful candidate will have advance knowledge of Splunk, Rapid7 Nexpose, Unix, Windows, VMWare, Databases, and Data Storage environments. Responsibilities - Security Analyst will focus on advance Splunk administration, configuration, and development efforts, with a goal towards enhancing and further refine Splunk infrastructure as it relates to application, machine logs, troubleshooting, reporting, customer queries, and building dashboards. - Focus on continual evaluation and process improvement and maximizing Splunk capabilities to increase value to FTE's Information Technology cross functional teams. - Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms to include UNIX, Windows, VMWare, SQL, Oracle, and Data Storage environments. - Troubleshoot Splunk server and agent problems including on-point for escalation for Splunk operations support. - Monitor the agents and server infrastructure for capacity planning and optimization. - Design Splunk dashboards for monitoring PCI-DSS, Financial, including Perimeter Security environments and as required. - Design and maintain support for SaaS environments to ensure appropriate logging and monitoring is maintained. - Ensure that Splunk environment maintains a viable failover environment which is tested on a regular basis. - Perform vulnerability scans for applications, databases, and server environments aligned with PCI-DSS standards and industry best practices. - Work with respective FTE's Information Technology cross functional teams to ensure remediation of identified vulnerabilities are remediated within timeframes outlined by PCI-DSS standards and industry best practices. - Perform cross functional training for other SRCO team members in Splunk tool management and monitoring. - Provide support to Firewall administrator work with SRCO team assist with forensic analysis, investigations. - Ensure compliance with established standards, policies, and configuration guidelines established by SRCO and industry best practices. Requirements: Education: - Four (4) year degree or equivalent experience Experience: - Must have 5 to 7 years hands-on experience with Splunk - Must have 5 to 7 years' experience with Unix (RedHat), Windows, VMWare and other platforms - Working 2 to 3 years' working experience with vulnerability scanning tool (Rapid7 Nexpose preferred) - Must have advanced understanding of database environments such as SQL, Oracle etc. Certification: - Splunk Enterprise Certified Administrator (preferred) - Splunk Enterprise Security Certified Administrator (preferred) location: Boca Raton, Floridajob type: Contractsalary: $50 - 60 per hourwork hours: 8am to 5pmeducation: No Degree Required responsibilities:Summary This position reports to the Security Risk Compliance Office Manager (SRCO), Information Technology office. This Security Analyst is a key member of the Security Risk Compliance Office team. The successful candidate will have advance knowledge of Splunk, Rapid7 Nexpose, Unix, Windows, VMWare, Databases, and Data Storage environments. Responsibilities - Security Analyst will focus on advance Splunk administration, configuration, and development efforts, with a goal towards enhancing and further refine Splunk infrastructure as it relates to application, machine logs, troubleshooting, reporting, customer queries, and building dashboards. - Focus on continual evaluation and process improvement and maximizing Splunk capabilities to increase value to FTE's Information Technology cross functional teams. - Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms to include UNIX, Windows, VMWare, SQL, Oracle, and Data Storage environments. - Troubleshoot Splunk server and agent problems including on-point for escalation for Splunk operations support. - Monitor the agents and server infrastructure for capacity planning and optimization. - Design Splunk dashboards for monitoring PCI-DSS, Financial, including Perimeter Security environments and as required. - Design and maintain support for SaaS environments to ensure appropriate logging and monitoring is maintained. - Ensure that Splunk environment maintains a viable failover environment which is tested on a regular basis. - Perform vulnerability scans for applications, databases, and server environments aligned with PCI-DSS standards and industry best practices. - Work with respective FTE's Information Technology cross functional teams to ensure remediation of identified vulnerabilities are remediated within timeframes outlined by PCI-DSS standards and industry best practices. - Perform cross functional training for other SRCO team members in Splunk tool management and monitoring. - Provide support to Firewall administrator work with SRCO team assist with forensic analysis, investigations. - Ensure compliance with established standards, policies, and configuration guidelines established by SRCO and industry best practices. Requirements: Education: - Four (4) year degree or equivalent experience Experience: - Must have 5 to 7 years hands-on experience with Splunk - Must have 5 to 7 years' experience with Unix (RedHat), Windows, VMWare and other platforms - Working 2 to 3 years' working experience with vulnerability scanning tool (Rapid7 Nexpose preferred) - Must have advanced understanding of database environments such as SQL, Oracle etc. Certification: - Splunk Enterprise Certified Administrator (preferred) - Splunk Enterprise Security Certified Administrator (preferred) qualifications:- Experience level: Experienced
- Minimum 5 years of experience
- Education: No Degree Required
- SECURITY ANALYST
- SECURITY
- Splunk
- Rapid7 Nexpose
- Unix
- Windows
- VMWare
- Databases
- Data Storage
- Splunk Certifications
Vacancy expired!