THIS IS A W2 CONTRACT
Job ID#:
Title:
InfoSec Engineer
Pay Range: $65-75/hr W2
Duration:
6 months
Start Date:
1/6
Location:
100% Remote (any time zone)
Top Required Skills:
- Splunk Enterprise Security
- AWS
- Terraform
Job Description:
The SOC and Security Engineering teams are seeking an experienced professional to assist with supporting Splunk Enterprise Security (ES) and infrastructure management. This role will be instrumental in accelerating the onboarding of new log sources and optimizing the use of Splunk’s built-in ES capabilities
The contractor will focus on:
- Normalizing and mapping ingested data to Splunk and industry-standard Common Information Models (CIM).
- Enhancing threat detection capabilities by aligning data with best practices and leveraging Splunk’s advanced security features.
- Ensuring seamless integration of diverse log sources to enrich the security ecosystem and improve organizational readiness for emerging threats.
- Strengthening infrastructure resilience and enabling robust monitoring to ensure high availability and performance of Splunk environments.
- Migrate logging pipelines from Cribl to Observo
- Design, build, and optimize a security data lake, enabling scalable data ingestion, storage, and analysis to enhance threat detection and incident response capabilities
- This role will play a critical part in enabling the team to fully utilize Splunk ES for more robust and proactive security operations.In recent quarters, we have made significant progress in enhancing our Splunk capabilities and aim to build on this momentum to maximize its potential.
Key Job Functions
- Hands-on experience with Splunk Enterprise Security
- Splunk platform design experience for large-scale and distributed deployments
- Establishes best practices and development standards, and ensures that the team adopts them
- Maintains a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment
- Improve Splunk search and indexing performance
- Develop and customize Splunk apps and dashboards
- Implement integration with external systems
- Builds advanced visualizations
- Implements and maintains Splunk platform infrastructure and configuration
- Undertakes day-to-day operational and user support
- Executes new projects as well as data and user onboarding
- Promotes advanced searching, forensics, analytics
- Effects creative solutions to complex problems
- Staffs help desk for search-related assistance
- Manages data onboarding and defining configurations
- Performs data interpretation, classification, and enrichment
- Builds data models
- Manages knowledge objects (field extractions, tags, event types, lookups, aliases, macros, and so on)
- Configures summary-based reports and data model acceleration
DeWinter Group and Maris Consulting is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. We post pay scales which are based on our client pay ranges. DeWinter, Maris, and our clients have the right to modify the requirements of the role which can impact the pay ranges posted.
