Splunk Consultant
rSolutions is currently seeking a candidate to fulfill a role as a Splunk Consultant. This position requires previous experience in general IT technologies, IT security operations, IT security monitoring tools, or data analytics and a passion for continuous learning and problem solving. The candidate must be well versed in core Splunk products and be knowledgeable in implementation best practices with onboarding data, creating knowledge objects, and utilizing the Splunk Common Information Model. This experience is usually gathered through a combination of training and on the job experience. This position is location flexible, up to 75% travel will be required (post COVID-19 restrictions). This is a billable position and may require working days during provincial / federal holidays when working with customers outside of your home territory.
Major Duties and Responsibilities
Work independently and as part of the team performing Splunk Professional Services activities including but not limited to:
- Implement Splunk products to fulfill our customer’s security or operational needs.
- Optimize Splunk architecture for large-scale/distributed deployments.
- Establish and ensure adoption of best practices and development standards.
- Identifying customer requirements and deriving use cases from them.
- Advanced searching, reporting, and dash-boarding.
- Developing Splunk apps and TAs.
- Documenting work completed, and providing regular status reports.
- Interacting with technical and non-technical business people internally and customer facing.
Preferred Skills/Experience:
- Experience with storage technologies, advanced administration on Linux and Windows, computer networks, databases, or AWS / Azure / GCP administration.
- Certifications or experience managing many of today’s security tool sets (IPS/IDS, AV, Firewalls, Switches, etc).
- Existing certifications or accreditations in Splunk products.
- Advanced knowledge in:
Splunk architecture and large / hybrid deployments
Extensive knowledge of a tier Splunk installation including; indexers, forwarders, search heads, clusters.
Splunk forwarder deployment, configuration and maintenance across a variety of platforms.
Creating production quality dashboards, reports and threshold alerting mechanisms. - Experience with Splunk premium apps not limited to Enterprise Security (ES) or IT Service Intelligence (ITSI).
- Experience working with Splunk Cloud as a PS consultant.
- Working knowledge in Python, Perl, CSS/HTML, or JavaScript.
- Strong critical thinking and technical troubleshooting abilities.
- Project management skills.
- Existing or expired Canadian Federal Security Clearance (Secret Level II).
Our ideal candidate will have:
- Experience working in, or understanding of, the IT or IT Security arena.
- A solid foundational understanding of networking principals, security best practices and systems administration is required.
- Hands on experience with security monitoring tools including, endpoint protection, network, or data loss prevention.
- Spunk Enterprise Experience or related experience with SIEM tools or data analytics
- Have a bachelor’s degree in computer science, information systems, data processing or have demonstration of equivalent experience.
- Working knowledge of Linux and Windows OS administration.
- Ability to work in project teams and complete individual tasks in a timely manner.
- Excellent written and oral communication skills.
- A sense of personal accountability.
- Willing to undergo security screenings, background / credit checks as required by certain jobs.
Why rSolutions:
rSolutions is a Canadian Information Security and Data Analytics firm. Founded in 2010, rSolutions has grown its client base with a focus on exceptional customer care. rSolutions services a diversity of clients across Canada and the United States in Energy and Utilities, Mining, Financial Services, Healthcare, Media, Education, Retail, Telecommunications, Public Sector and Law Enforcement.
More info/Apply: careers@rsolutions.com