IT/Compliance Support

CA
Contracted
Mid Level

Position Summary:

We are seeking an experienced Splunk Expert with strong configuration and scripting skills to support IT compliance requirements. This role will involve executing a Fixed-Fee Project (FFP) with a well-defined scope of activities, including creating Splunk alerts, configuring correlation events, and integrating compliance-related data sources into Splunk dashboards. The ideal candidate will have expertise in log ingestion, dashboard creation, metric development, and security/compliance automation within Splunk.
Key Responsibilities:

  • Splunk Configuration & Alerting:

    • Develop custom Splunk alerts for compliance monitoring.
    • Configure Splunk correlation events to detect and respond to security incidents.
    • Optimize Splunk performance for large-scale data ingestion and analysis.
  • Compliance & Security Dashboard Development:

    • Add SCAP (Security Content Automation Protocol) Scan Results to a Splunk Continuous Monitoring (ConMon) Dashboard.
    • Create a Time Skew Metric in Splunk to detect if any system clock is out of sync by more than one minute.
    • Import and analyze WinZip SafeMedia logs (including read/write successes, failures, and attempts).
    • Develop software and firmware patching dashboards displaying patching success/failure with drill-down capability.
    • Create a Flaw Remediation Metric to track the time between vulnerability discovery and remediation (possibly integrating Nessus).
  • Log & Data Integration:

    • Import and analyze encryptor logs and network manager logs into Splunk.
    • Optimize log parsing and correlation for compliance and security auditing.
  • Automation & Scripting:

    • Develop custom scripts (e.g., Python, Bash, PowerShell) to automate data ingestion and reporting.
    • Implement automated workflows to improve compliance and security reporting.

Required Qualifications & Experience:

  • 5+ years of hands-on experience with Splunk administration, scripting, and security analytics.
  • Strong knowledge of Splunk Enterprise Security (ES), Splunk ITSI, and Splunk Compliance Monitoring (ConMon).
  • Experience in log ingestion, parsing, correlation, and alerting.
  • Proficiency in Python, Bash, or PowerShell scripting for automation.
  • Familiarity with SCAP scanning, vulnerability management (Nessus, Qualys), and compliance frameworks (NIST, CIS, ISO 27001, FedRAMP, HIPAA, PCI-DSS).
  • Experience in integrating security logs, system logs, and third-party data sources into Splunk.

Preferred Qualifications:

  • Splunk Certified Architect or Splunk Certified Admin certification.
  • Experience in federal IT compliance environments or large-scale enterprise security monitoring.
  • Knowledge of machine learning and anomaly detection in Splunk.
  • Experience working with AWS, Azure, or Google Cloud Splunk integrations.