Splunk Engineer

Description

Responsibilities:

1. Design, implement, and manage Splunk solutions across IT and OT environments.
2. Monitor and analyze security events to identify potential threats and vulnerabilities.
3. Develop and maintain Splunk dashboards, reports, and alerts to improve situational awareness.
4. Collaborate with IT and OT teams to ensure the integration and proper functioning of Splunk within the infrastructure.
5. Conduct regular system audits and compliance checks in line with industry standards.
6. Support standard patching/upgrade/break-fix activity and leverage vendor support as needed for investigative purposes.
7. Provide technical support and training to staff on Splunk functionalities and best practices.
8. Participate in the planning and execution of Splunk-related projects, including upgrades and expansions.
9. Collaborate on operational support processes and documentation needs.

Required Experience:

1. Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
2. 5-7 years of experience in security engineering, with a focus on Splunk in IT and OT environments.
3. Certification in Splunk, with a strong understanding of both Splunk Enterprise and Splunk for Industrial IoT.
4. Experience with Tanium and/or Industrial Defender for endpoint security and operational technology monitoring.
5. Knowledge of the Utility industry’s security requirements and regulatory standards.
6. Proficiency in Splunk administration, configuration, and advanced searching.
7. Strong analytical skills for threat detection and response.
8. Excellent communication and collaboration abilities.
9. Detail-oriented with a focus on security and compliance.

Preferred Skills:

1. Splunk Certified Architect
2. Familiarity with regulatory compliance standards relevant to the Utility industry, such as NERC CIP, is highly desirable.
3. Experience with scripting and automation for security tasks is a plus.