Information Security Engineer : 17-02599
Ref No.: 17-02599
Location: San Jose, California
Primary Skills : Security, Normalization, Splunk, Data, Linux
Contract Term: W2
Location : San Jose, CA (Local Candidates only who can appear for an in-person interview)
Duration : 06 Months

 
Job Description :
  • Splunk Admin and Architecture related tasks
  • Conduct Splunk data source on-boarding from start to finish
  • Conduct a hands-on session walking the system owner(s) through best practices when introducing new data to Splunk.
  • Data on-boarding across multiple data sources (Windows, Linux, API, database, etc.)
  • Data normalization (extractions, tags, event types)
  • Ability to debug configuration issues
  • Manually create regular expressions to properly extract interesting fields from a variety of log types and normalize fields to comply with the CIM.
  • Create data-source configurations specific to the Splunk CIM for use with SA-CIM data models and normalize fields to comply with the CIM.
  • Create data models and knowledge objects as needed to onboard logs
Qualifications :
  • Understanding of the Splunk Common Information Model, RBAC and permissions
  • Understanding of Splunk Data Models
  • Understanding of Splunk configurations, dependencies, and forwarder management
  • Understands Splunk architecture and components (search head, deployment server, cluster master, indexers, forwarders (HF/UF))
  • Ability to establish priorities, work independently and proceed with objectives.
  • Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
  • Knowledge of system and network architecture and interrelationships (technical and functional).
  • Must be well organized and able to leverage best practices, able to thrive in a fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
  • Minimum 2 years of experience in implementing Splunk; Splunk certifications are a plus
  • Minimum 5 years of experience in networking/application/Linux system admin and/or development-related roles
  • Familiar with both Windows and Linux-based OS
  • Experience in working with multiple cross-functional teams
  • Highly motivated, able to take ownership of tasks and see them through to completion
  • Understanding of PCI requirements and ability to support the company's annual PCI audit
  • Strong communication and interpersonal skills to work with both a collaborative cross-functional team of peers and other departments within the company.
Top Skills :
  • Must have at least 2-3 years of experience as a Security Engineer.
  • Good security understanding
  • Good systems understanding: UNIX, Linux, Windows; focus will be mostly on Linux
  • Good understanding of Splunk
  • Soft skills are a must. This person will work with multiple teams day to day to monitor and log issues.
 
  Please apply directly with your updated resume or call Sushil at : 408-816-2465