Skip to main content

Splunk Enterprise Security (ES) Implementation Specialist

Contract Type: Contract

Posted Date: May 2, 2025

ECCO Select is a talent acquisition and consulting company specializing in people, process and technology solutions. We provide the talent behind the technology enabling our clients to achieve their goals. For more information about ECCO Select, visit us at www.eccoselect.com.

Position Title: Splunk Enterprise Security (ES) Implementation Specialist

Location Information: Onsite – Doral, FL

** MUST HAVE SECRET CLEARANCE **

 

Position Responsibilities:

• Plan and manage the implementation of Splunk ES, including requirements gathering, architecture design, and deployment.

• Onboard and normalize log data from a wide range of sources (e.g., firewalls, endpoint security, cloud platforms) to align with the Common Information Model (CIM).

• Configure and tune Splunk ES correlation searches, dashboards, and notable event rules to meet business-specific security use cases.

• Collaborate with security operations and engineering teams to integrate threat intelligence feeds, ticketing systems, and SOAR platforms.

• Develop and document processes for incident detection, alert triage, and response workflows using Splunk ES.

• Continuously optimize ES performance, storage, and detection content to reduce false positives and improve signal quality.

• Provide training and guidance to analysts and other stakeholders on using Splunk ES for threat detection and investigation.

• Stay up to date with emerging threats and Splunk security best practices to continually enhance detection capabilities.

 

Essential Skills & Experience:

• 3+ years of hands-on experience with Splunk, including Enterprise Security (ES).

• Deep understanding of log data, SIEM architecture, and cybersecurity concepts.

• Experience with data onboarding and normalization using Splunk CIM.

• Proven ability to write and optimize SPL (Search Processing Language) queries.

• Familiarity with security use cases such as threat detection, insider threat, compliance, and vulnerability monitoring.

• Strong analytical and problem-solving skills with attention to detail.

• Excellent communication and documentation skills.

Qualifications:

• Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin).

• Experience integrating with SOAR platforms or automation tools.

• Familiarity with regulatory compliance frameworks (e.g., PCI-DSS, HIPAA, NIST).

• Knowledge of threat intelligence platforms and feeds (e.g., STIX/TAXII, MISP).

ECCO Select is committed to hiring and retaining a diverse workforce. Our policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Veterans of our United States Uniformed Services are specifically encouraged to apply for ECCO Select opportunities.

Equal Employment Opportunity is The Law

This Organization Participates in E-Verify