Skills Required:
• Splunk architecture design and administration, including indexer clusters and search head clusters
• Configuration and management of forwarders (Universal and Heavy) for data collection and routing
• Splunk Processing Language (SPL) for building searches, reports, dashboards, and alerts
• Onboarding and parsing of new data sources, including props/transforms configuration
• Detection engineering and development of correlation searches within Splunk ES (Enterprise Security)
• Index management, including retention policies, data models, and storage optimization
• Performance tuning and troubleshooting across the Splunk stack
• Knowledge object management (lookups, field extractions, macros, data models)
• Integration with third-party tools and APIs for data ingestion and alerting
NEW YORK CITY HOUSING AUTHORITY RESIDENTS STRONGLY ENCOURAGED TO APPLY.
For Immediate Response call 732-876-7640, or send your resume to RecruiterPC@Trigyn.com
Tasks/Duties:
• Assist the Cyber team with monitoring and maintaining Splunk environment health, including indexer cluster performance, search head stability, and forwarder connectivity.
• Assist with troubleshooting issues related to data ingestion, parsing, and search performance across the Splunk infrastructure.
• Assist Cyber Analysts in developing, refining, and tuning detection searches and correlation rules to enhance security monitoring and alerting capabilities.
• Assist with onboarding and configuring new data source integrations, including props/transforms configuration and log normalization.
• Assist with managing and optimizing index configurations, retention policies, and storage to ensure efficient data management.
• Assist with the configuration and maintenance of Heavy Forwarders and Universal Forwarders for data collection and routing.
• Assist with Splunk Enterprise Security (ES) administration, including notable event management and threat intelligence integration.
• Assist Cyber Analysts in creating and maintaining dashboards, reports, and alerts to support their workflows.
• Assist with producing and maintaining technical documentation covering architecture, configurations, and operational procedures.
• Assist with knowledge transfer and training to internal Cyber team members to build long-term operational capacity.
Trigyn's direct government client has an immediate need for an IT Security Specialist in New York, NY (Remote). The details of the opportunity are below.
NOTE: Need an IT Security Specialist with Splunk expertise - Splunk architecture, administration, clusters, forwarders, SPL, Splunk ES, parsing, index management.
Description:
The Cyber program seeks a consultant for a limited number of hours per week (10 maximum) to provide expert-level support for Splunk, our Security Information and Event Management (SIEM) system.
Background:
• Maintain Splunk environment health, including performance and search capability optimization.
• Support Cyber Analysts in developing and refining detection searches to improve visibility and security monitoring.
• Assist with onboarding and configuring new data source integrations into Splunk to expand alerting and response capabilities across the ecosystem.
• Support documentation and knowledge transfer to continue building internal team capacity.
TRIGYN IS AN EQUAL OPPORTUNITY EMPLOYER
About Trigyn: Trigyn is an IT Services Company that has been in business for 30 years with more than 1,500 resources deployed today. Trigyn is ISO 9001:2015, ISO 27001:2013 (ISMS) and CMMI Level 5 Certified. Trigyn is an E-Verify® Employer.