Splunk Cyber Security System Engineer – EU citizens only
Project detail
Location: Brussels, Belgium – relocation needed
B2B Contract duration: 6 months
Work from Home: 2/5 days per week
Language: English (full proficiency)
To ensure that the availability and performance of the Splunk infrastructure are guaranteed and managed according to best practices, there is a requirement for infrastructure support from a technical Splunk expert (Cyber Security System Engineer).
More specifically, tasks related to the Splunk infrastructure include the following:
• Upgrading the infrastructure (introduction of new components in the Splunk infrastructure as well as the upgrade of the existing infrastructure);
• Architecture-related tasks;
• Troubleshoot and pinpoint issues that might arise in the infrastructure and that have an impact on the performance and/or the availability of the Splunk platform (platform downtime, broken searches, storage issues, etc.). Remediate the aforementioned issues in a time-efficient manner and according to Splunk best practices;
• Document all performed activities (troubleshooting timeline, updates, upgrades, changes, …) in the client’s content management system.
The Splunk infrastructure expert would also require a good understanding of the Splunk architecture in place and the data sources available, in order to assist with the following activities:
• Integrate new data sources into the client’s Splunk infrastructure;
• On request by security, the network or the operation team, create custom reports, dashboards or alerts.
• Develop new apps and add-ons for the client’s specific needs.
In addition to those operational activities on the current Splunk platform, the Cyber Security System Engineer will be directly involved in the migration to a new platform (design, architecture, implementation and documentation).
Note: Daily operations of the Splunk infrastructure (active monitoring, minor patching, taking first remediation actions in case of an issue) are out of scope.
It’s highly important for you to have:
• General Docker knowledge and experience running Splunk on Docker infrastructure;
• Experience developing Splunk apps;
• Experience with Git.
Mandatory certifications required:
• Splunk Enterprise Certified Admin;
• Splunk Enterprise Security Certified Admin;
• Splunk Enterprise Certified Architect.