Splunk ES Implementation
Miami, FL
Current as of: 5/13/2025
Job description
Job number: 211354
Job category: IT/Technical
Position type: Associate - W2
Duration: 2 months
We have an outstanding contract position for a Splunk ES Implementation Specialist to join a leading company located in the Doral, FL surrounding area.
**US Citizenship is required.** **Candidate must possess an Active Secret Security Clearance.**
We are seeking a highly skilled Splunk Enterprise Security (ES) Implementation Specialist to lead the end-to-end deployment, configuration, and operationalization of Splunk ES in support of our growing cybersecurity program. This individual will be responsible for onboarding data sources, tuning correlation searches, customizing security content, and enabling actionable security insights across the organization.
Job Responsibilities:
Plan and manage the implementation of Splunk ES, including requirements gathering, architecture design, and deployment.
Onboard and normalize log data from a wide range of sources (e.g., firewalls, endpoint security, cloud platforms) to align with the Common Information Model (CIM).
Configure and tune Splunk ES correlation searches, dashboards, and notable event rules to meet business-specific security use cases.
Collaborate with security operations and engineering teams to integrate threat intelligence feeds, ticketing systems, and SOAR platforms.
Develop and document processes for incident detection, alert triage, and response workflows using Splunk ES.
Continuously optimize ES performance, storage, and detection content to reduce false positives and improve signal quality.
Provide training and guidance to analysts and other stakeholders on using Splunk ES for threat detection and investigation.
Stay up to date with emerging threats and Splunk security best practices to continually enhance detection capabilities.
Basic Hiring Criteria:
3+ years of hands-on experience with Splunk, including Enterprise Security (ES).
Deep understanding of log data, SIEM architecture, and cybersecurity concepts.
Experience with data onboarding and normalization using Splunk CIM.
Proven ability to write and optimize SPL (Search Processing Language) queries.
Familiarity with security use cases such as threat detection, insider threat, compliance, and vulnerability monitoring.
Strong analytical and problem-solving skills with attention to detail.
Excellent communication and documentation skills.
Preferred:
Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin).
Experience integrating with SOAR platforms or automation tools.
Familiarity with regulatory compliance frameworks (e.g., PCI-DSS, HIPAA, NIST).
Knowledge of threat intelligence platforms and feeds (e.g., STIX/TAXII, MISP).
The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:
The California Fair Chance Act
Los Angeles City Fair Chance Ordinance
Los Angeles County Fair Chance Ordinance for Employers