$120 - $140 an hour - Contract, Fixed term

Application closing date: Friday, 01 March 2024 • 11:59pm, Canberra time
Estimated start date: Monday, 01 April 2024
Location of work: QLD
Working arrangements: Remote working may be suitable to support the requirements of this role. The Department also supports flexible working from home arrangements on a case-by-case basis subject to the business needs of the supervising manager and business unit. Please indicate clearly in your response the candidate's desired work location if outside ACT/Canberra.
Length of contract: 12 months
Contract extensions: 2 x 12 months
Security clearance: Must have Baseline
Rates: $120 - $140 per hour (inc. super)

The Department of Industry, Science and Resources (DISR) plays a key role in the Australian Government's agenda to create jobs and build a stronger, more resilient, and competitive economy. The Chief Information Officer Division (CIOD) is an exciting, fast-paced division that drives the digital agenda for the Department. The Cyber Security team within the Digital Strategy & Cyber Security branch is seeking to engage a Splunk Engineer to lead the engineering, administration and tuning of a highly complex Splunk environment.

The Splunk Engineer will be responsible for maintaining the overall Splunk architecture and the effectiveness and efficiency of the SIEM. This includes proficiency in managing search heads, indexers, deployment servers and heavy forwarders. To assist the mission of the SOC, a strong understanding of Enterprise Security and SOAR is required. The Splunk Engineer will work closely with other members of the SOC and Cyber security team.

The Splunk Engineer should also demonstrate advanced knowledge of Splunk Cloud and the configuration of federated search.
The Splunk Engineer will engage with end users, external teams and vendors to gather requirements, troubleshoot issues, and provide support for the creation of Splunk search queries and dashboards. The Splunk Engineer will require a good understanding of ITIL and change processes.

Key Responsibilities:
- Manage Splunk Cloud environment application updates, dashboarding, integrations and health checks
- Onboard new data/log sources
- Run queries and searches to inform SOC requests
- Perform data quality and data model assessments on a periodic basis
- Maintain Heavy Forwarding logging infrastructure
- Maintain existing on premise Splunk Enterprise and SOAR, including patching, application updates, integrations and health checks
- Assist in playbook and automation maintenance
- Investigate technologies to assist with vulnerability analysis and remediation efforts
- Stay up-to-date with the latest security threats, vulnerabilities, and trends in the cybersecurity industry

- Bachelor's degree in Cyber Security, Information Technology, or related field. Relevant certifications such as Splunk User, Core, Architect, ES and SOAR are preferred.
- 3+ years of experience in cybersecurity
- Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors.
- Experience with Splunk Enterprise Security, Splunk Cloud and Splunk SOAR
- Experience with case, incident and ticket management
- Experience with ITSM tools such as ServiceNow and Atlassian
- Ability to work in a fast-paced, high-pressure environment.
- Strong problem-solving and analytical skills.
- Excellent written and verbal communication skills.