Security Analyst

We have an exciting opportunity for a talented Security Analyst (Local Candidates strongly preferred) to work with one of our direct clients in Boca Raton, FL. We love referrals! Please refer us to your friends, family, and colleagues for this opportunity. We also give referral bonuses if they get selected and perform well for our clients.

• Security Analyst will focus on advance Splunk administration, configuration, and development efforts, with a goal towards enhancing and further refine Splunk infrastructure as it relates to application, machine logs, troubleshooting, reporting, customer queries, and building dashboards.
• Focus on continual evaluation and process improvement and maximizing Splunk capabilities to increase value to FTE's Information Technology cross functional teams.
• Assist the SRCO team with investigations, triage forensic analysis, and evidence preservation.
• Perform threat intelligence and hunting by leveraging in place security tools.
• Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms to include UNIX, Windows, VMWare, SQL, Oracle, and Data Storage environments.
• Troubleshoot Splunk server and agent problems including on-point for escalation for Splunk operations support.
• Monitor the agents and server infrastructure for capacity planning and optimization.
• Design Splunk dashboards for monitoring PCI-DSS, Financial, including Perimeter Security environments and as required.
• Design and maintain support for SaaS environments to ensure appropriate logging and monitoring is maintained.
• Ensure that Splunk environment maintains a viable failover environment which is tested on a regular basis.
• Perform vulnerability scans for applications, databases, and server environments aligned with PCI-DSS standards and industry best practices.
• Work with respective FTE's Information Technology cross functional teams to ensure remediation of identified vulnerabilities are remediated within timeframes outlined by PCI-DSS standards and industry best practices.
• Perform cross functional training for other SRCO team members in Splunk tool management and monitoring.
• Provide support to Firewall administrator work with SRCO team assist with forensic analysis, investigations.
• Ensure compliance with established standards, policies, and configuration guidelines established by SRCO and industry best practices.

• Must have 5 to 7 years hands-on experience with Splunk
• Must have 5 to 7 years' experience with Unix (RedHat), Windows, VMWare and other platforms
• Working 2 to 3 years' working experience with vulnerability scanning tool (Rapid7 Nexpose preferred)
• Must have advanced understanding of database environments such as SQL, Oracle etc.

• Four (4) year degree or equivalent experience.

• CISSP (Certified Information Systems Security Professional)
• Splunk Enterprise Certified Administrator (preferred)
• Splunk Enterprise Security Certified Administrator (preferred)