IT Security SIEM Engineer

About the job
Amtex Systems Inc is an information technology and talent solutions company offering talent and BI consulting to the companies in US for over 20 years.

Our solutions are designed to fill resource gaps, by providing the right candidates who deliver value to the organization. Our propensity to nurture and build strong relationships with our clients helps us better understand their business demands and gives us the ability to provide services that are on time and rise above the rest.

Client: ACS

Onsite in NYC

Need Someone Who Can Work On W2

Anticipated Dates of Performance: 4/22/2024 – 4/21/2025

Hours/ Shift

Normal Business Days/Hours: Monday – Friday (9:00am - 5:00pm includes one-hour unpaid

lunch) - 35 hours work week.

Scope of Work

The IT Security SIEM (Splunk) Engineer will provide overall engineering, and administration in

supporting a cloud based Splunk environment consisting of search heads, indexes, deployers,

deployment servers, heavy/universal forwarders and Splunk apps spanning security,

performance, and operational roles. The Engineer should be proficient with recognizing and

onboarding new data sources into Splunk, analyzing the data for anomalies and trends, andbuilding dashboards highlining the key trends of the data. The IT Security SIEM (Splunk)

Engineer should be proficient within Linux environment, edition and the following:

Good understanding and hands on experience of designing business solutions using Splunk
Ability to Design, develop, and maintain complex Splunk queries and dashboards intended

for technical and executive audiences

High level experience with dashboards, reports, alerts and managing knowledge objects
Knowledge of enterprise logging, including application, web, database, and security logging
Strong interpersonal, communication, and presentation skills
Advanced experience with Splunk data analytics, data visualization, reporting capabilities
Ability to work self-sufficiently on assigned tasks
Responsible for identifying and onboarding of log sources to help with monitoring,

detection, and response

Work with stakeholders to develop requirements and deliverables

Qualifications And Desired Skills

Knowledge of Incident Response Procedures
Knowledge of Packet Analysis
Knowledge of IDS/IPS solutions and various Host-Based Tools
Experience with Log Aggregation Tools
Knowledge of patterns in network and system activity via log correlation using

Splunk and supplemental tools

Verbal and written communication ability
Splunk Certified to include but not limited to Splunk Enterprise Certified Admin,
Splunk Cloud Certified Admin, Splunk Enterprise Certified Architect
CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP,

CCNP Security, CCIE Security, CEH, ECSP, MCSE