Splunk Engineer - Consultant Certified / ES Accreditation Required (R-00062)

True Zero Technologies, LLC

Job Location : Annapolis, MD, USA

Posted on : 2025-08-14T01:09:09Z

Job Description :

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built: a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories (Prosperous and Thriving and Mid-Atlantic Region) and in 2022, was recognized as one of Inc. Magazine's Top 5000 Fastest Growing Companies.

The candidate will be part of a team of Splunk Engineers maintaining various client Splunk instances with a focus on data onboarding, content development, reporting, and visualizations. All candidates must have prior Splunk engineering and administration experience, meet certification prerequisites, and work well in a team environment. Experience supporting federal customers is a plus.

As a TZT consultant, the candidate will have access to our full knowledge base, driven by the True Zero community, and the technical support of the entire PS team. We encourage collaboration and professional growth through information sharing and workshops. The candidate will also have access to our internal Slack channel and tools for training, demos, testing, and skill development.

Qualification Requirements
  • US Background Check Required
  • Splunk Consultant Certification
  • Extensive Splunk ES Experience
  • Experience ingesting logs into Splunk via Cribl
  • Experience with RBA
  • Develop and implement actionable alerts and workflows for Splunk as a SIEM tool
  • Create and maintain Apps & Knowledge Objects like dashboards, reports, and data models
  • Collaborate with the Splunk Architect/Admin to promote private KO to Global KO
  • Assist and train CISO Splunk Engineering team on Data Lifecycle
  • Support, train, and host workshops for CISO teams and analysts on searching and content development
  • Develop automation to improve CISO workflows using Splunk
  • Develop risk rules and incident rules for cyber event alerts
  • Create custom dashboards for RBA to highlight risks and health analysis
  • Configure incident response workflows for notable events
  • Develop machine learning models for anomaly detection
  • Work with stakeholders to implement and maintain event logging across systems and cloud providers, understanding network protocols, operating systems, applications, and telemetry

We're actively seeking talented security and tech practitioners eager to experience the True Zero difference. As a team member, you'll enjoy:

- Competitive salary, paid twice monthly

- Top-tier medical coverage, with 100% premiums covered

- Company-wide new business incentives

- Contribution incentives (white papers, blogs, webinars)

- 3 weeks PTO + 11 paid holidays annually

- 401k with 100% match on the first 4%

- Monthly reimbursement for cell phone and internet

- Paternity/Maternity leave

- Investment in training and certifications to expand your skills
