Splunk Administrator/Penetration tester

Title: Splunk Administrator/Penetration tester

Location: Remote

Length: Long term

Restriction: W2 or C2C

Description:

*** Web Cam Interview *** *** Long term *** *** Remote ***

Short Description:

Perform PenTest on all agency applications an Admin for Splunk.

Job Description:

Pentest

Testing: Performing remote or onsite tests on all VDH systems, networks, and applications to identify security weaknesses

Analyzing: Analyze the vulnerabilities and mitigation methods

Reporting: Provide reports which include findings, risks, and conclusions

Advising: Recommend security improvements and methods to mitigate security risks

Collaborating: Working with VDH IT to determine their testing requirements

Creating: Creating and implementing new penetration testing methods, scripts, and tool

Splunk

Management of Data Collection Infrastructure

Deployment Server management to distribute Splunk Universal Forwarder (UF) instances

Syslog servers that collect data from infrastructure systems (firewalls, IDS, UPS or other syslog generating device)

Splunk heavy forwarders which can collect information from various databases or third party systems

Splunk HTTP event collector to obtain data from custom applications (Java, .net, JavaScript, or other web apps), and

When used, Splunk Stream to capture wire data and output raw or statistical information about the data.

Rearchitecture of Syslog aggregation for Splunk or extensive modification to Syslog configuration (configuring new storage, building for high availability, etc.)

Expanding log source collection of an existing source type

Custom script development (e.g., for data collection or integration to non standard products)

Required Skills:

Splunk Admin 3 Years

PenTest4Years

Security Awareness 2 Years

Vulnerability Management 2 Years

Team Player 4 Years

Desired Skills:

Risk Assessment 3 Years

NIST 80053 3 Years