Advanced Splunk Security Engineer

at  Honeywell

Innovate to solve the world’s most important challenges
Honeywell (www.honeywell.com) is a Fortune 100 technology company that delivers industry specific solutions that include aerospace products and services; control technologies for buildings and industry; and performance materials globally. Our technologies help aircraft, buildings, manufacturing plants, supply chains, and workers become more connected to make our world smarter, safer, and more sustainable.
We strive to be a company of thinkers, doers, dreamers, and makers – let’s do this together! We are seeking an Advanced Splunk Security Engineer for our Global Cyber Security Team. You would join a Team responsible for managing, developing, and deploying Splunk Enterprise Security in a complex enterprise environment. You would lead efforts to analyze challenging security gaps, brainstorm creative risk-based alerting rules, and measuring the strategic impact of this program.

• Provide administrator-level support to a Splunk Enterprise Security deployment and how this interacts with core Splunk architecture.
• Conceptualize, deploy, and tune risk-based alerting (RBA) rules for a wide range of security use cases.
• Leverage Search Processing Language (SPL), develop Splunk apps, analyze complex data, interpret insights, create visualizations, set up alerts, and integrate Splunk with other security tools.
• Understand complex cyber security attack vectors such as network reconnaissance, scanning, DDOS, lateral movement, malicious code deployment, in the context of an enterprise environment.
• Able to leverage scripting languages to automate tasks and manipulate data; expertise with Red Hat Enterprise Linux (RHEL); security tool data, including Network & Host Firewall, Tenable, Tanium.
  Must be eligible for USG Security Clearance