
Splunk Engineer - Consultant Certified/Heavy ES Experience Required (R-00028)

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies.


The candidate will be part of a team of Splunk Engineers maintaining various clients' Splunk instances with a heavy emphasis on data on-boarding, content development, reporting, and visualizations. All candidates must possess prior Splunk engineering and administration experience, meet the necessary certification prerequisites, and work well in a team environment. A background supporting federal customers is a plus.


As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops. The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.


Qualification Requirements
  • US Background Check Required
  • Splunk Consultant Certification
  • Heavy Splunk ES Experience
  • Experience with RBA
  • Develop and Implement Actionable Alerts and Workflow for Splunk as a SIEM (Security Information & Event Management) tool
  • Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models
  • Work with the Splunk Architect/Admin to promote private KO to Global KO
  • Assist and/or train the CISO Splunk Engineering team on Data Lifecycle
  • Support, assist, train, and/or host workshops for CISO teams and analysts on Searching and Content Development
  • Develop and implement automation to improve efficiency of CISO workflows using Splunk
  • Assist in development of advanced security use cases in Splunk
  • Develop risk rules and risk incident rules to correlate and alert to significant cyber events
  • Develop custom dashboards specific to RBA (Risk Based Alerting) to highlight risk detail, health analysis and risk suppression
  • Configure incident response and remediation workflows for ES around notable events (RBA or otherwise alerted)
  • Develop custom machine learning (ML) models to support anomaly-detection based augmentation of alerting
  • Work with numerous stakeholders to implement & maintain event logging from various operating systems, applications, identity providers, network infrastructure, and cloud service providers. Understanding of network protocols, operating systems, applications, and device event telemetry


We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:


- Competitive salary, paid twice per month

- Best in class medical coverage

- 100% of medical premiums covered by True Zero

- Company wide new business incentive programs

- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)

- 3 weeks of PTO starting + 11 Paid Holidays Annually

- 401k Program with 100% company match on the first 4%

- Monthly reimbursement of Cell Phone and Home Internet costs

- Paternity/Maternity Leave

- Investment in training and certifications to broaden and deepen your technical skills


Average salary estimate

$100000 / YEARLY (est.): min $80000K, max $120000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Splunk Engineer - Consultant Certified/Heavy ES Experience Required (R-00028), True Zero Technologies

True Zero Technologies is looking for an enthusiastic Splunk Engineer with Consultant certification and heavy experience in Enterprise Security to join our dynamic, 100% remote team. Here at True Zero, we're committed to fostering a community where our people thrive alongside technology to deliver outstanding results. As a recognized leader in the industry, we've won accolades for being one of the best places to work, and we're excited to offer a role where you can contribute to key projects while growing your skills. In this role, you will work closely with a stellar team of Splunk Engineers, focusing on maintaining clients' Splunk instances with an emphasis on data onboarding, reporting, and visualizations. If you have a strong foundation in Splunk engineering and administration, enjoy collaborating with others, and perhaps have experience supporting federal customers, you might just be a perfect fit! True Zero creates opportunities for learning and professional development, providing access to workshops, training resources, and a robust knowledge-sharing environment. Come help us push the boundaries of security technology while making a tangible impact on our clients and your career. We can't wait to see what you bring to our innovative team!

Frequently Asked Questions (FAQs) for Splunk Engineer - Consultant Certified/Heavy ES Experience Required (R-00028) Role at True Zero Technologies
What are the main responsibilities of a Splunk Engineer at True Zero Technologies?

As a Splunk Engineer at True Zero Technologies, your key responsibilities include maintaining various clients' Splunk instances, focusing heavily on data onboarding, content development, reporting, and creating visualizations. You'll work collaboratively with your team to implement actionable alerts and workflows, develop risk and incident rules, and assist in training others on Splunk functionalities.

What qualifications are required for the Splunk Engineer position at True Zero Technologies?

To qualify for the Splunk Engineer position at True Zero Technologies, candidates must have prior experience in Splunk engineering and administration, a Consultant certification, and substantial knowledge in Enterprise Security. Additional experience supporting federal customers is advantageous, and familiarity with creating dashboards, reports, and managing data lifecycles is essential.

What tools and resources does True Zero Technologies provide for the Splunk Engineer role?

True Zero Technologies equips Splunk Engineers with access to a comprehensive knowledge base and technical backing from the Professional Services team. You'll benefit from an internal Slack channel for communication, training tools, and resources that promote skill development and efficiency in workflows.

How does True Zero Technologies support professional growth for its Splunk Engineers?

At True Zero Technologies, we prioritize the professional growth of our Splunk Engineers by offering investment in training and certifications. Additionally, we encourage contributions through white papers, blogs, and internal webinars, fostering an environment of information-sharing and continuous learning.

What benefits does True Zero Technologies offer to its Splunk Engineers?

Splunk Engineers at True Zero Technologies enjoy an attractive benefits package that includes a competitive salary, 100% coverage of medical premiums, 3 weeks of PTO starting out, 11 paid holidays, a 401k program with company match, and allowances for cell phone and home internet. We also provide paid maternity/paternity leave and opportunities for career advancement.

Common Interview Questions for Splunk Engineer - Consultant Certified/Heavy ES Experience Required (R-00028)
Can you explain how you approach data onboarding in Splunk?

When asked about your approach to data onboarding in Splunk, explain your methodical process. Discuss how you assess data sources, ensure proper indexing, and utilize best practices for data ingestion to maintain the integrity and security of data. Mention any specific tools or techniques you prefer.

What strategies do you employ for developing actionable alerts in Splunk?

In response to this query, highlight your understanding of risk-based alerting and your experience in creating alerts that are both meaningful and actionable. Discuss how you determine thresholds, incorporate machine learning models, and continuously refine alerts based on feedback and performance.

Can you provide an example of a time when you implemented an effective dashboard in Splunk?

To answer this question effectively, provide a specific example of a dashboard you've created and its purpose. Detail the data visualizations used, how the dashboard improved decision-making for stakeholders, and any user feedback that illustrates its impact.

How do you collaborate with team members and stakeholders on Splunk projects?

Discuss your collaborative approach, including how you engage with team members and stakeholders through meetings, workshops, and shared platforms like Slack. Emphasize your communication skills and how you adapt to different working styles to achieve a common goal.

What measures do you take to enhance the security of Splunk instances?

Answer by outlining your practices for securing Splunk instances, such as configuring user roles and permissions, enabling SSL, conducting regular audits, and implementing data retention policies. Highlight any experience you have with compliance frameworks.

Can you elaborate on your experience with Splunk ES and its core functionalities?

When asked about Splunk Enterprise Security (ES), elaborate on your hands-on experience and knowledge of its core components such as incident management, risk-based alerting, and security posture metrics. Illustrate your understanding by linking it to previous roles or projects.

What is your approach to training and supporting less experienced team members?

In your response, describe your commitment to mentorship and training. Offer examples of how you’ve facilitated learning through workshops, one-on-one sessions, or shared resources, promoting a culture of knowledge-sharing among team members.

How do you ensure effective configuration management for Splunk apps and knowledge objects?

Explain your strategies for configuration management, including version control practices, robust documentation, and using scripts for deployment. Discuss how these methods contribute to smoother operations and minimize potential errors.

How do you develop custom machine learning models for anomaly detection in Splunk?

To address this question, share your insights into the machine learning toolkit available in Splunk. Discuss the steps you take from data preparation to model training and how you validate the model, ensuring it provides meaningful insights while reducing false positives.

What tools do you utilize for monitoring, analyzing, and optimizing Splunk performance?

Articulate your experiences with tools like Splunk Monitoring Console, the Distributed Management Console, and third-party solutions you’ve employed. Emphasize how you leverage these tools to analyze performance metrics, troubleshoot issues, and implement optimizations effectively.

Employment type: Full-time, remote
Date posted: December 21, 2024
