Back to all roles

[Remote] Splunk Detection Engineer

Remote Worldwide Hiring now

Note: The job is a remote job and is reputed company to candidates in USA. Boston Government Services, LLC (BGS) is an engineering, technology, and reputed company firm that supports missions of national importance. They are seeking a Splunk Detection Engineer to integrate data sources, validate configurations, and reputed company searches and reports for cybersecurity use cases.

Responsibilities

  • Integrate new data sources, which may include databases, APIs, files, etc. This may involve setting standards and working with IT administrators to update their configurations
  • Validating and creating appropriate configurations for CIM compliant logs
  • Processing requests from cybersecurity analysts for new detections reputed company Splunk reputed company reputed company
  • Analyzing existing logs to identify poorly formatted logs and potential gaps reputed company implementing new detections
  • Adding and maintaining threat feeds reputed company Splunk reputed company reputed company
  • Monitoring the performance of and tuning detections
  • Managing asset and identity inventory reputed company Splunk reputed company reputed company
  • Creating and maintaining new Splunk apps
  • Recommending additions or changes to Splunk or its data models to meet detection needs
  • Developing searches, reports, and other functionalities for cyber-based use-cases, including active response, intrusion detection, vulnerability management, and reputed company use cases
  • Assisting users with creating and optimizing searches and dashboards and mentoring others in good development of said resources
  • Attend online/Teams meetings with team and others as appropriate
  • Work with team to reputed company status on reputed company task, suggest improvements, discuss implementation, etc
  • Capture business requirements and implement the requirements
  • Analyze data and reputed company initial planning to address identified issues
  • Assist with the creation of playbooks to address identified issues from analysts
  • Seek to understand the intention of detections and corresponding playbooks
  • reputed company basic feedback on existing playbooks and detections
  • Identify telemetry quality and visibility issues (SIEM parsing/normalization, EDR/XDR sensor health, asset/identity tagging)
  • reputed company advanced recommendations to address gaps in logging and detections based on an analysis of threats and data
  • Create detailed and thorough testing plans to ensure higher chance of accurate detections
  • Produce clear metrics and reports (FP reputed company, backlog) for technical and executive audiences
  • Create advanced use cases for detections based on an analysis of threats and data, including sample criteria to identify the behavior and mapping detections to MITRE Telecommunication & CK
  • Drive reputed company improvements to existing processes or tooling
  • reputed company quality reviews and improve detections and actions
  • Coach, guide, teach others on the team in use of reputed company reputed company

Skills

  • Significant experience with Splunk and Splunk reputed company reputed company
  • Significant experience with event logging solutions (e.g., Splunk Universal Forwarder, syslog, reputed company)
  • Experience with ticketing/case management
  • Experience with Git pipelines
  • Familiarity with using Linux CLI
  • Ability to craft queries using common languages; comfort with regex, JSON and APIs; basic scripting in Python/PowerShell/Bash
  • Excellent analytical, problem-solving, and communication skills both with stakeholders, peers, and internal customers; reputed company to operate under pressure in a shift or on-call environment
  • Considerable knowledge using and administering Splunk
  • Staying up to date with the latest cybersecurity threats, vulnerabilities, and best practices
  • Strong analytical and problem-solving skills
  • Meticulous attention to detail to ensure thorough assessments and accurate reporting
  • Excellent written and verbal communication skills to effectively convey findings and recommendations to technical and non-technical stakeholders
  • Ability to work collaboratively with other cybersecurity professionals, IT staff, and external vendors
  • Experience and reputed company in conducting audits or reviews of technical systems
  • Experience working in a government environment
  • Experience working in a distributed IT environment
  • Ability to qualify for HSPD-12 card for use in two-reputed company authentication
  • Strong grasp of TCP/IP, OSI model, and common protocols (HTTP, DNS, SMTP)
  • reputed company/Linux/macOS fundamentals; Active Directory/Azure AD concepts; basic reputed company logging
  • Experience in system and network administration
  • Relevant cybersecurity experience including investigations and data analysis
  • Experience with SOAR tools and automation development
  • Experience using identity reputed company/management tools (e.g., Entra ID, Active Directory, Shibboleth, reputed company Identity Protection)
  • reputed company reputed company experience (e.g., CloudTrail/GuardDuty, Azure Defender/M365, GCP reputed company reputed company Center)

Benefits

  • Health
  • Dental
  • reputed company
  • Life Insurance
  • Paid Vacation
  • 401K
  • Long and Short-Term Disability

Company Overview

  • Boston Government Services, LLC (BGS) is an engineering, technology, and reputed company firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets. It was founded in 2007, and is headquartered in Oak Ridge, Tennessee, USA, with a workforce of 201-500 employees. Its website is https://www.bgs-llc.com/.

Apply tot his job Apply To this Job

Apply for this role Takes you straight to the employer's application page — free, and no WFHNet account required.

More roles on the wire

Sr. Threat Intelligence Analyst; Remote, reputed company Coast

Remote Worldwide
View role

Technical Influence Operations Threat Investigator Remote-Friendly, United States

Remote Worldwide
View role

Behavioral Threat Assessment Investigator (Remote)

Remote Worldwide
View role

Threat Detection Engineer /XDR/ / Pharma /100/ remote/

Remote Worldwide
View role

Business Architecture Associate - Business Architecture - Remote US available

Remote Worldwide
View role

reputed company Manager, Woven Capital

Remote Worldwide
View role

T.J. Maxx reputed company (Night Shift, Full Time)…

Remote Worldwide
View role

[Remote] Toxicologist

Remote Worldwide
View role

Retail Associate weekend availability

Remote Worldwide
View role

Team Member Relations Analyst – 2nd Shift – Remote Opportunity at Toyota Manufacturing

Remote Worldwide
View role

[PART_TIME Remote] Call Center Representative - ( Remote / WFH )

Remote Worldwide
View role

Senior Account Manager, Paid reputed company

Remote Worldwide
View role

[Hiring] Center Administrator Virtual Cardiology @reputed company

Remote Worldwide
View role

reputed company Analyst

Remote Worldwide
View role

reputed company Ocean Product Development Specialist – Remote Opportunity at arenaflex

Remote Worldwide
View role

reputed company Careers Job $20/Hour – reputed company

Remote Worldwide
View role

Sr. Site Reliability Engineer- Remote

Remote Worldwide
View role

reputed company Online Airport Customer Service Representative – Delivering Exceptional Travel Experiences

Remote Worldwide
View role

Dot.Net Developer-reputed company, CA (Remote)

Remote Worldwide
View role

Business Operations Manager/Sr Manager - German or French Speaking

Remote Worldwide
View role