USA
19 days ago
Advanced Splunk Security Engineer
Innovate to solve the world's most important challenges

Honeywell (www.honeywell.com) is a Fortune 100 technology company that delivers industry specific solutions that include aerospace products and services; control technologies for buildings and industry; and performance materials globally. Our technologies help aircraft, buildings, manufacturing plants, supply chains, and workers become more connected to make our world smarter, safer, and more sustainable.

We strive to be a company of thinkers, doers, dreamers, and makers – let’s do this together! We are seeking an Advanced Splunk Security Engineer for our Global Cyber Security Team. You would join a Team responsible for managing, developing, and deploying Splunk Enterprise Security in a complex enterprise environment. You would lead efforts to analyze challenging security gaps, brainstorm creative risk-based alerting rules, and measure the strategic impact of this program.

KEY RESPONSIBILITIES:
-Provide administrator-level support for a Splunk Enterprise Security deployment, including how it interacts with core Splunk architecture.
-Conceptualize, deploy, and tune risk-based alerting (RBA) rules for a wide range of security use cases.
-Leverage Search Processing Language (SPL), develop Splunk apps, analyze complex data, interpret insights, create visualizations, set up alerts, and integrate Splunk with other security tools.
-Understand complex cyber security attack vectors such as network reconnaissance, scanning, DDoS, lateral movement, and malicious code deployment, in the context of an enterprise environment.
-Able to leverage scripting languages to automate tasks and manipulate data; expertise with Red Hat Enterprise Linux (RHEL); security tool data, including Network & Host Firewall, Tenable, Tanium.

Must be eligible for USG Security Clearance

YOU MUST HAVE:
-A minimum of 5 years of experience with Splunk ES, Splunk core, or similar security tools focused on RBA, monitoring, detection, alerting, data exploration, analysis, and visualization.
-Proficiency in quantitative analyses and visual representations of data sources; versatility in scripting languages, capable of automating tasks and interacting with a variety of security tools.
-Strong communication skills and demonstrated ability to lead major projects across a variety of Teams in a large corporate environment.
-Deep knowledge of scripting languages like CSS, HTML, JavaScript, Python, and shell scripting; intermediate understanding of Red Hat Enterprise Linux (RHEL); experience with security tool data.
-Understanding of cloud and hybrid cloud environments, and security frameworks such as MITRE ATT&CK, OWASP, and NIST.
-Understanding of the evolving threat landscape and current attack tools to gain unauthorized access to enterprise environments.
-CompTIA and Security+ Certification are a plus.


WE VALUE:
-Knowledge of defense, intelligence, and cyber security incident response process and procedures.
-CISSP Certification or equivalent DoD 8570 Certification.
-Splunk certifications.

 

The annual base salary range for this position is $157,000-$196,000. Please note that this salary information serves as a general guideline. Honeywell considers various factors when extending an offer, including but not limited to the scope and responsibilities of the position, the candidate's work experience, education and training, key skills, as well as market and business considerations.

This position is incentive plan eligible. 

#Li-Remote


Additional Information
JOB ID: HRD255070
Category: Engineering
Location: United States
Exempt
Engineering (GLOBAL)

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.
