Job Description

Own The Role:

Join North America’s top Splunk Services Partner! SP6 is seeking a highly motivated individual to join our growing Co-Managed Services team. Managed Services (MS) Splunk Engineers serve as the subject matter experts in advancing Splunk.

You will work and gain exposure in large multifaceted and intricate customer environments that have a multitude of different technologies. Additionally, you will work in collaboration with the engineers and analysts from SP6 customers to perform a wide array of tasks to ensure systems are secure, compliant, and performant.

This is a remote position

How You’ll Drive Success:

Deployment Maturity

• Creating quarterly customer maturity roadmaps
• Splunk Enterprise and app upgrades (to approved versions)
• Installation and configuration of Splunk-certified applications and add-ons
• Creating and modifying roles and user group associations
• Modifying indexes and data retention policies
• On-boarding new data sources
• Re-architecture of syslog aggregation for Splunk or extensive modification to syslog configuration
• Re-architecture of authentication into Splunk
• Expanding log source collection of an existing source type
• Participating in Executive Business Reviews (EBRs)

Health & Performance

• Deployment health checks & architecture reviews
• System performance tuning 
• Troubleshooting issues within the Splunk environment, including silent log source monitoring
• Reducing license usage on data sources
• Periodic review of errors/warnings reported by internal Splunk logs
• Log normalization (CIM)
• Custom script development

Security Expertise

• Creating quarterly customer security roadmaps
• Implement and maintain detection capabilities across Splunk deployments
• Assist customers in developing a comprehensive strategy for effective detection of malicious activity
• Coordinate with internal and external teams to improve the accuracy of detection capabilities and implement best practice mitigations and automated response capabilities
• Conduct detection gap analyses & customer security workshop calls
• Document and communicate detection capabilities and gaps clearly and effectively leveraging multiple industry frameworks including MITRE ATT&CK, the Cyber Kill Chain, and NIST
• Advise on data source prioritization 
• Research and innovate net new mitigation, detection, and response capabilities given input from industry trends, customer feedback, and research

Requirements

To Be Successful:

• 2+ years of experience in Security Operations or a related field (MSSP/MDR)
• 3+ years of Splunk Admin experience or Splunk Admin certification
• 1+ years of Enterprise Security experience desired
• Working knowledge in various distributions of Linux
• 1+ years of systems administrator, IT operations, or related experience
• Good understanding of Networking concepts (OSI layers, network security concepts)
• Strong troubleshooting, problem solving, and abstract reasoning abilities
• Hands-on troubleshooting/technical support/helpdesk experience
• Self-motivated with strong presentation and verbal communication skills
• Must be able to take extreme ownership (accountability) and seek constant improvement (what could we have done better?)
• Must be customer-focused, team-oriented, communicate and operate with integrity, without compromise

Benefits

Why SP6?

• Recognized as one of North America’s top professional service partners.
• The chance to be part of a winning team and a premier Splunk partner.
• Competitive salary and OTE.
• 100% employer-paid health insurance (Gold-rated plan).
• 401(k) with company match.
• 30 days of annual paid time off (Paid Time Off + Holidays)
• Significant Training and Development and Certification attainment.
• Opportunity for long-term career advancement.
• Your contributions are felt and recognized by our growing company.

Job Tags

Similar Jobs