Innovate to solve the world's most important challenges
Honeywell (www.honeywell.com) is a Fortune 100 technology company that delivers industry-specific solutions that include aerospace products and services; control technologies for buildings and industry; and performance materials globally. Our technologies help aircraft, buildings, manufacturing plants, supply chains, and workers become more connected to make our world smarter, safer, and more sustainable.
We strive to be a company of thinkers, doers, dreamers, and makers - let's do this together!
We are seeking an Advanced Splunk Security Engineer for our Global Cyber Security Team. You would join a Team responsible for managing, developing, and deploying Splunk Enterprise Security in a complex enterprise environment. You would lead efforts to analyze challenging security gaps, brainstorm creative risk-based alerting rules, and measure the strategic impact of this program.
KEY RESPONSIBILITIES:
-Provide administrator-level support for a Splunk Enterprise Security deployment, including how it interacts with core Splunk architecture.
-Conceptualize, deploy, and tune risk-based alerting (RBA) rules for a wide range of security use cases.
-Leverage Search Processing Language (SPL), develop Splunk apps, analyze complex data, interpret insights, create visualizations, set up alerts, and integrate Splunk with other security tools.
-Understand complex cyber security attack vectors such as network reconnaissance, scanning, DDoS, lateral movement, and malicious code deployment, in the context of an enterprise environment.
-Able to leverage scripting languages to automate tasks and manipulate data; expertise with Red Hat Enterprise Linux (RHEL); security tool data, including Network & Host Firewall, Tenable, Tanium.
Must be eligible for USG Security Clearance
YOU MUST HAVE:
-A minimum of 5 years' experience with Splunk ES, Splunk core, or similar security tools focused on RBA, monitoring, detection, alerting, data exploration, analysis, and visualization.
-Proficiency in quantitative analyses and visual representations of data sources; versatility in scripting languages, capable of automating tasks and interacting with a variety of security tools.
-Strong communication skills and demonstrated ability to lead major projects across a variety of Teams in a large corporate environment.
-Deep knowledge of scripting languages like CSS, HTML, JavaScript, Python, and shell scripting; intermediate understanding of Red Hat Enterprise Linux (RHEL); experience with security tool data.
-Understanding of cloud and hybrid cloud environments, and security frameworks such as MITRE ATT&CK, OWASP, and NIST.
-Understanding of the evolving threat landscape and current attack tools used to gain unauthorized access to enterprise environments.
-A plus for CompTIA and Security+ Certification.
WE VALUE:
-Knowledge of defense, intelligence, and cyber security incident response process and procedures.
-CISSP Certification or equivalent DoD 8570 Certification.
-Splunk certifications.
The annual base salary range for this position is $157,000-$196,000. Please note that this salary information serves as a general guideline. Honeywell considers various factors when extending an offer, including but not limited to the scope and responsibilities of the position, the candidate's work experience, education and training, key skills, as well as market and business considerations.
This position is incentive plan eligible.
In addition to a competitive salary, leading-edge work, and developing solutions side-by-side with dedicated experts in their fields, Honeywell employees are eligible for a comprehensive benefits package. This package includes employer subsidized Medical, Dental, Vision, and Life Insurance; Short-Term and Long-Term Disability; 401(k) match, Flexible Spending Accounts, Health Savings Accounts, EAP, and Educational Assistance; Parental Leave, Paid Time Off (for vacation, personal business, sick time, and parental leave), and 12 Paid Holidays. For more information visit: Benefits at Honeywell
The application period for the job is estimated to be 40 days from the job posting date; however, this may be shortened or extended depending on business needs and the availability of qualified candidates.
Li-Remote