Looking for an experienced security engineer with experience developing a mature security monitoring program using Splunk. This should include ingesting data from AD, Tenable, Palo Alto and a variety of other security/network devices. The engineer should also be familiar with, or able to learn about, FISMA maturity metrics.
The deliverable is a guide that would walk an inexperienced organization through the process.
-Inventory systems that should/shouldn't send data to Splunk
-Best practices of what data should/shouldn't be sent to Splunk
-Once inventoried, how to set up each data flow properly and best practices (Will have to flesh out once the inventory comes back)
-Recommended dashboards for executives
-How to create the recommended executive dashboards
-Recommended dashboards for analysts
-How to create the recommended analyst dashboards
-Specific recommendations of data/systems/dashboards that should be created to meet FISMA metrics requirements
About the recruiter
Member since May 20, 2018
Rory Millikin
from Loiret, France