Vacancy expired!
About DMI
DMI (Digital Management, LLC.) is a global technology solutions company that specializes in digital strategy, design, transformation and support. Utilizing expertise from six unique DMI Groups, in the areas of AI & Analytics, Commerce, Experience, Managed Services, Transformation, and Government, DMI delivers intelligent digital transformation solutions that meet organizations where they are. Born digital, DMI has been delivering mission-critical, enterprise-grade solutions since 2002 for over a hundred Fortune 1000 enterprises and all fifteen U.S. Federal Departments. DMI has grown to 2,000+ employees globally and has been continually recognized by top industry analysts as a market leader as well as a Top Place to Work by the Washington Post.
About the Opportunity
DMI (Digital Management, LLC.) is looking for a Splunk Architect/Engineer with project lead experience and hands-on engineering experience. The Splunk Architect will be responsible for the planning, architecture, engineering, implementation, and support of security solutions for the State of Maryland DoIT Security Operations Center (SOC) with a special focus on Splunk Enterprise Security. This role will be responsible for performing the following tasks:
Duties and Responsibilities:
- Serve as the Lead for Splunk solutions and projects, gathering requirements, planning, proposing, and executing Splunk projects to successful closure.
- Gap assessment and analysis of Splunk solutions and recommendation of improvement initiatives
- Architecture, design, implementation, maintenance, and support of Splunk Enterprise Security (ES) and Splunk Phantom.
- Architect and design Splunk ES and Phantom with future growth in mind to ensure a balance between scalability, performance, stability, reliability, and agility.
- Configuration management and control of maintenance architectural/design/functional changes to Splunk ES and Phantom.
- Monitoring Splunk system updates and planning, reviewing, and executing patch/upgrade deployments.
- Perform on-boarding of standard and custom data sources in Splunk and have a thorough knowledge of using regular expressions to create extractions.
- Integration of threat intelligence feeds, and integration with other security tools, to facilitate automation.
- Support SOC playbook automation development and maintenance
- Analyze security monitoring and reporting requirements and define, design, develop, and maintain/improve Splunk dashboards, reports, alerts, etc.
- Develop search queries to support incident investigative efforts and correlate events.
- Performance monitoring and tuning of Splunk ES and Phantom.
- Operations monitoring of Splunk ES and Phantom to ensure proactive issue identification and resolution.
- Provide production and infrastructure support, root cause analysis, troubleshooting, health monitoring, etc.
- Plan, define, and implement an effective and efficient data backup strategy.
- Plan, define, and implement an effective and efficient data archiving strategy.
- Defining, developing, implementing, and monitoring processes and procedures to support and maintain Splunk ES and Phantom.
- At least ten (10) years of hands-on experience in LAN/Network Administration or System Administration.
- At least three (5) years of Technical Lead responsibilities on system management/deployment projects.
- At least five (5) years of progressive hands-on experience in architecture, design, implementation, support of moderate to complex Splunk Solutions i.e.
- Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline.
- Self-starter, able to gather requirements, plan, execute Splunk architecting and deployment efforts.
- Able to perform gap analysis and initiate and execute architectural improvements.
- Holds Splunk Certified Architect or Splunk Certified Admin certification.
- Hands-on experience architecting, building, deploying Splunk instances. Working knowledge of Splunk Validated Architectures.
- Hands-on experience administering, maintaining, and scaling Splunk instances.
- Hands-on experience with scripting languages such as Perl, Python, or Bash.
- Hands-on experience with Regular Expressions (RegEx).
- Must have working knowledge and understanding of network infrastructure components such as routers, switches, firewalls, etc.
- Must have working knowledge and understanding of networking and switching protocols and infrastructure services; able to troubleshoot and identify DNS, NTP, routing, switching, and firewall issues affecting connectivity of Splunk instances.
- Customer-oriented with excellent issue follow-through and resolution abilities.
- Excellent written and oral communication, and presentation skills.
- Ability to effectively work both autonomously as well as on a team.
- Outstanding interpersonal skills, strong work ethic, and self-motivated.
- Utilize tools and analytical skills to plan and execute technical changes.
- Splunk Certified Architect or Splunk Enterprise Security Certified Admin, or Splunk Phantom Certified Admin certifications.
- CompTIA Security+ or relevant networking industry certifications.
- Cisco CCNA or CompTIA Network+ or relevant networking industry certifications.
- Windows/Linux OS and MS SQL/MySQL/Oracle DB Administration.
- Experience in project task technical analysis, planning, and estimation.
- Experience with technology capabilities market research, technical analysis/review, and recommendation.