Safeguarding sensitive data across the organization and supporting mission-critical applications by developing, maintaining, and sustaining Splunk ES data and dashboards.
Requirements
- Proficiency in Splunk Processing Language
- Hands-on knowledge of DLP, CASB, Insider Threat Tools, data classification tools
- Experience with threat intelligence frameworks inside Splunk Enterprise Security
- Understanding Splunk apps and the purpose of configuration files
Responsibilities
- Monitor, analyze, and respond to data protection events under established procedures
- Support the Insider Threat Response team with incident triage and escalation
- Contribute to policy tuning and optimization efforts
- Generate and maintain data protection metrics via reports and dashboards
- Collaborate with cross-functional teams to gather requirements and deliver scalable solutions using Splunk ES, JavaScript (Node.js/React) and Python
- Configure correlation searches that look for specific events and create notable events
Other
- Minimum Secret Clearance Required (TS Eligible)
- Must be a U.S. Citizen
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or minimum 3 years of equivalent experience
- Active Top Secret Clearance Eligibility
- Experience working in government, DoD, or healthcare environments