SIEM Content Developer

---

Job description

SIEM Content Developer is responsible for developing, customizing, and configuring Splunk apps and dashboards. The candidate will build and integrate content in a Splunk Core and ES environment and provide technical support to NOC and SOC customers to detect, hunt, and mitigate cyber threats. Ability to interact with end users to gather requirements, optimize existing SIEM processes, and leverage Splunk technology to improve detection and analysis methods. Reviews and recommends cyber security solutions to customer problems based on understanding products/systems test results. Provides Splunk support and guidance to NOC and SOC analysts, improves the efficiency of NOC and SOC analysts, operates under deadlines, and can work on multiple tasks.

Job Description

• Support the day-to-day operation of a highly available distributed multi-clustered multi-tenant Splunk deployment.
• Create queries, dashboards, and visualizations to support customer requirements and monitoring of the Splunk deployment.
• Develop custom functions and data management strategies utilizing data transform capabilities and applications.
• Create and manage Splunk knowledge objects, including apps, dashboards, alerts, extractions, tags, workflow actions, and aliases.
• Develop content with regular expressions, performing data interpretation classification and enrichment.
• Develop reports for operational activities and to meet NOC and SOC customer requirements.
• Facilitate excellent problem-solving, critical thinking, and analytical skills with the ability to deconstruct problems.

Required Qualifications and Experience

• Flexibility to meet any threat scenario 24/7/365 as mission dictates.
• Must be a US Citizen with an active DoD Public Trust Clearance.
• Bachelor's Degree in Information Technology or related field
• Four years of SIEM (e.g., Splunk) Content Development experience

Desired Qualifications

• Certified Ethical Hacker (CEH) or other equivalent cyber certification(s)
• Splunk Core Certified Consultant
• Cribl Certified User
• Security Tool Certifications (e.g., Cisco, Palo Alto, etc)
• Experience or a desire to learn advanced SOC methodologies using Splunk ES
• Experience or a willingness to learn NOC technologies
• Experience with Security Orchestration, Automation, and Response (SOAR) tools and technologies (e.g., Splunk SOAR, Ansible, Python, etc.)

Pay & Benefit Highlights Compensation

• Above market fixed salary or hourly pay.
• Up to $10,000 bonus for each referral.
• Additional bonuses for exceptional performance, assisting with business development and company growth.

Health

• 100% paid premiums for health insurance. Choose from over 80 gold-level medical plans from Aetna, CareFirst, Kaiser and UnitedHealthcare. Choose from PPO, EPO, POS, HMO, and HSA-compatible.
• HSA and FSA options.
• 100% paid premiums for dental insurance.
• 100% paid premiums for vision insurance.

Income Protection

• 100% paid premiums for short-term disability.
• 100% paid premiums for long-term disability.
• 100% paid premiums for accidental death & dismemberment.
• 100% paid premiums for life insurance with a $200,000 max benefit.

Retirement

• 8% company contribution to 401k with immediate vesting.
• 401k pre-tax and Roth options.

Leave

• Up to 20 days of flexible paid time off (PTO).
• 11 days of paid floating holidays.

Work-Life Balance

• Flexible work schedules including flex time and compressed work period.
• Remote work including partial or fully remote (contract and project-dependent).

View our detailed Pay & Benefits Equal Opportunity Employer Base-2 Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

<!– job description page –>