Talent.com
IT / Compliance Support

MetroSys • CA, US
30+ days ago
Job type
  • Full-time
Job description

Position Summary:

  • We are seeking an experienced Splunk Expert with strong configuration and scripting skills to support IT compliance requirements.
  • This role will involve executing a Fixed-Fee Project (FFP) with a well-defined scope of activities, including creating Splunk alerts, configuring correlation events, and integrating compliance-related data sources into Splunk dashboards.
  • The ideal candidate will have expertise in log ingestion, dashboard creation, metric development, and security / compliance automation within Splunk.

Key Responsibilities:

  • Splunk Configuration & Alerting:
      • Develop custom Splunk alerts for compliance monitoring.
      • Configure Splunk correlation events to detect and respond to security incidents.
      • Optimize Splunk performance for large-scale data ingestion and analysis.
  • Compliance & Security Dashboard Development:
      • Add SCAP (Security Content Automation Protocol) Scan Results to a Splunk Continuous Monitoring (ConMon) Dashboard.
      • Create a Time Skew Metric in Splunk to detect if any system clock is out of sync by more than one minute.
      • Import and analyze WinZip SafeMedia logs (including read / write successes, failures, and attempts).
      • Develop software and firmware patching dashboards displaying patching success / failure with drill-down capability.
      • Create a Flaw Remediation Metric to track the time between vulnerability discovery and remediation (possibly integrating Nessus).
  • Log & Data Integration:
      • Import and analyze encryptor logs and network manager logs into Splunk.
      • Optimize log parsing and correlation for compliance and security auditing.
  • Automation & Scripting:
      • Develop custom scripts (e.g., Python, Bash, PowerShell) to automate data ingestion and reporting.
      • Implement automated workflows to improve compliance and security reporting.

Required Qualifications & Experience:

  • 5+ years of hands-on experience with Splunk administration, scripting, and security analytics.
  • Strong knowledge of Splunk Enterprise Security (ES), Splunk ITSI, and Splunk Compliance Monitoring (ConMon).
  • Experience in log ingestion, parsing, correlation, and alerting.
  • Proficiency in Python, Bash, or PowerShell scripting for automation.
  • Familiarity with SCAP scanning, vulnerability management (Nessus, Qualys), and compliance frameworks (NIST, CIS, ISO 27001, FedRAMP, HIPAA, PCI-DSS).
  • Experience in integrating security logs, system logs, and third-party data sources into Splunk.

Preferred Qualifications:

  • Splunk Certified Architect or Splunk Certified Admin certification.
  • Experience in federal IT compliance environments or large-scale enterprise security monitoring.
  • Knowledge of machine learning and anomaly detection in Splunk.
  • Experience working with AWS, Azure, or Google Cloud Splunk integrations.