Security Platform Engineer - Splunk Enterprise Security Platform Engineer - Splunk Enterprise …

State Street Corporation
in Quincy, MA, USA
Festanstellung, Vollzeit
Letzte Bewerbung, 17 Sep 20
Competitive
State Street Corporation
in Quincy, MA, USA
Festanstellung, Vollzeit
Letzte Bewerbung, 17 Sep 20
Competitive
State Street Corporation
Security Platform Engineer - Splunk Enterprise
As a Security Platform Engineer, you will play a key technical role in our Security Analytics Platform team within the CIS engineering organization. You will serve as a technical expert for product engineering and service support for critical enterprise security technologies of the firm's Information Security Services.
The role primarily entails hands on product design and deployment specifically for building and managing SIEM platforms like Splunk Enterprise, Splunk User Behavior Analytics, Splunk Phantom, Splunk Enterprise Security and Arcsight.

Responsibilities will include:

  • Engineer, implement and administer SIEM platforms Arcsight, Splunk Enterprise, Splunk Enterprise Security, Splunk UBA, Splunk Phantom in public cloud and on-premise datacenter.
  • Analyze, design, build & support Splunk Multi-Cluster Architecture. Maintain the existing Arcsight infrastructure
  • Incident & Problem Management, Change & Release Management, Vendor Management and Capacity Management functions for these applications
  • Manage Tier 3 production support tasks that cannot be handled by service provider who will provide 24X7 monitoring and maintenance of the platforms.
  • Proficiency developing log ingestion and aggregation strategies
  • On-board new data sources into Splunk, analyze the data for anomalies and trends and build dashboards highlighting the key trends of the data.
  • Monitor log sources to ensure there are no gaps in log collection for a source or from instances within a source
  • Perform integration activities to connect with 3rd party software.
  • Manage automating Splunk deployments and orchestration within AWS environment.
  • Communicate requirements and risks to stakeholders such as Product, Engineering, and Security leadership.
  • Work with cross-functional teams to proactively improve on existing integration automation/workflows.
  • Maintain up-to-date knowledge of technology standards, industry trends, emerging technologies, and MSS best practices.
  • Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.

Skills/Knowledge Desired:

  • Splunk certifications such as Splunk Certified Developer, Enterprise Security Implementation, Splunk Enterprise Certified Consultant and/or Splunk Enterprise Certified Architect
  • Experience implementing, architecting and administering Splunk and Splunk Enterprise Security, Splunk UBA and Splunk Phantom
  • Azure/AWS knowledge required with experience preferred in managing Splunk implementation in AWS
  • Must have hands on experience in Splunk Enterprise Environment setup and troubleshooting skills
  • Must have knowledge on setting up new data feeds into Splunk
  • Must be able to Maintain, Manage and Monitor Splunk Infrastructure (Identify bad searches, dashboards and manage overall health of Splunk
  • Experience on clustering and load balance Environments setup
  • Experience writing Splunk queries in Splunk Programming Language (SPL). Thorough understanding of Splunk processing language, optimization principles, APIs, and SDK.
  • Experience developing in XML, Bash, JavaScript and Python, Perl, PowerShell scripts
  • Experience with platforms such as Ansible, Puppet and Chef
  • Experience with other Information Security solutions including Symantec DLP, ZScaler, Palo Alto, Symantec, Check Point, McAfee, Active directory
  • Independent, self-motivated, proactive approach to problem solving and prevention.
  • Excellent written and verbal communication skills.
  • Passion for the cybersecurity space.
  • Broad experience with SOC, NOC and/or MSS operations.

Experience Desired

The candidate shall have Degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field and a minimum of 7+ years of experience in Security engineering , system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity.

  • 7+ years of IT engineering experience in building and managing infrastructure and security platforms
  • 3+ years of professional engineering experience with the Splunk platform
  • Minimum 1 full lifecycle implementation experience of Splunk Enterprise and Splunk Enterprise Security
  • In-depth knowledge of Splunk's multiple deployment options - including on-premise distributed deployments and public cloud
  • Expertise with data ingest, data normalization (delivered TAs, custom TAs), search/query design and execution.
  • Experience with Splunk component utilization (e.g. Indexer loads and requirements, search head peering, etc), component resourcing (e.g. underlying server specs), inter-component communications and tradeoffs (e.g. DNS vs IP tables, usage of SSL, etc) and underlying platform requirements.
  • Expert-level experience with SIEM technologies - implementation, tuning, troubleshooting Splunk and Arcsight
  • Expertise in building, deploying, scaling, and troubleshooting the various facets of large scale Splunk clusters and supporting apps.
  • 3+ years of DevOps Engineering experience
  • 3-5 years of hands on experience with security monitoring tools such as IDP/IDS, FW and AV with a strong understanding of network protocols and network monitoring tools
  • Hands-on experience supporting/developing enterprise technology and network infrastructure, including exposure to AWS or other public cloud infrastructure.
  • Knowledge of scripting languages such as Python, Perl, bash, etc.
  • Experience using Ansible and any flavor of Git.
  • At least one of the following certifications: CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX
Unternehmensporträt

From technology and product innovation to corporate responsibility and community development, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people - strengthening markets, building communities and creating opportunities for growth.

We owe that longevity to the commitment, expertise and creativity of our employees. Our continued success depends on our ability to attract and develop the best talent in the industry. That's why we're keenly focused on employee development, corporate citizenship and inclusion.

For us, success comes in the mark we make as an organization - for the industry, our clients, our communities and each other.

State Street Corporation logo
Ähnliche Jobangebote
Mehr Jobangebote ansehen
Close
Loading...
Loading...