Splunk Security Consultant

Job Title: Splunk Security Consultant
Rate is up to $115/hr on Vendor W2. If going in at $115/hr, make sure they are an absolute rock star. If not at senior or principal level, adjust.
Duration: 12-month contract, should extend
Location: Denver, CO or Minneapolis, MN; it might be good for them to come onsite to get up to speed.

2 security roles: one Splunk and one Industrial Defender.

Please start local to MN or Colorado for Splunk. The Industrial Defender role is more niche, so I am willing to submit remote immediately.
Hours: regular business hours; might have to do some scheduled maintenance on the weekends, but it won’t be much

Overview: We are maturing our operational support team. We are keeping the lights on now (troubleshooting, patching, etc.), working with our peers in our incident response team, looking at data ingested from these tools, and making decisions with the data that we have. This is the first line of defense if there is an issue arising with a tool. It’s not taking action, that we need to address, we partner with internal teams to take care of it.

Work with internal customers to make sure their tools are ingesting the data from a Splunk and Industrial Defender capability.
Additional tools he mentioned: Dragos, Octanium, SentinelOne (nice to have)

Key players:
Group consists of threat and monitoring and IAM. Cybersecurity as a whole can mean different things, but we have an IT and OT environment that has multiple tools that do the same thing.
Teams that we work with: SailPoint team, Splunk, Industrial Defender
18 people report to this manager
External vendors are Splunk and Industrial Defender. We have agreements in place to work with them if we need root cause analysis for an outage or issue. We do training with them too.

Years of experience: 5-7 years.

SPLUNK ROLE:
Someone who has been involved in upgrades
Has done an on-prem to cloud upgrade for Splunk.
Needs to know how to do monitoring and configuring.
Linux – understand how to pull reports and be comfortable with it.
Work with the network team, understand our languages and spearhead triage and troubleshooting.

What will excite candidates:
We have a leadership group that understands how critical this is. When we bring on new tech, it is important to have an operational support team set up for success, and we are striving to achieve this. This is not a fend-for-yourself group; we want people to be successful and work with our peers.

Must have skills:
Autonomous mentality: be able to detect what needs to be done without being told what to do. Our operational support teams need people who can proactively identify risk. If there is an incident, they need to be able to jump in right away.
Understand a regular patching cadence
Be able to work with vendors about upgrades and what they mean for us.

Education: not required
Interview: Panel interview on Teams. Dig into background, talk about career highlights, scenario questions about how they might handle a triage

Job Description:
Responsible for the strategic management of the largest and/or most complex key cyber security initiatives by identifying security risk management and compliance solutions driven by business needs for significant business critical applications, infrastructure and services. Protect the company against risks of data loss and vulnerability management as well as drive initiatives to ensure compliance with requirements from agencies such as FERC, NERC, and Department of Homeland Security (such as CIP, HIPAA, SOX, PCI). Manage security risks and threats by collaborating with other business units, utilities, governmental agencies and security related communities to share information. Apply expert level business and technical acumen while defining security and compliance solutions that deliver best practices for building and monitoring controls for information protection and threat management.

Interested candidates email your resume to alex@amtexenterprises.com & shabu@amtexenterprises.com
