Splunk Developer

  • 500P/D
  • Glasgow, Scotland, United Kingdom
  • Contract, Full time
  • Headstrong Worldwide
  • 19 Feb 18 2018-02-19

A Security Analytics Engineer primarily focused on the Splunk platform is required on the Technology & Information Risk Cyber Security Solutions Engineering Team. This role seeks someone who can provide the highest level of security consultancy and engineering oversight of our Security Analytics platforms.

Responsibilities - Work with global colleagues from both internal and external teams throughout the organization to provide solutions via ongoing communications and consistent processes

Onboard and cleanse data sources using CIM best practices for field extraction and Splunk Data Model optimizations

Complete environment tooling, configuration, build, and documentation tasks with a focus on quality and ongoing platform supportability

Provide support for production platforms through health monitoring and root cause troubleshooting

Develop tools to automate/improve existing processes and procedures in areas such as configuration management and runtime tooling

Assist in the design, architecture and implementation of Security Analytics infrastructure with a focus on a wide variety of areas spanning: performance analysis, platform optimization, monitoring/metrics gathering to facilitate reporting/tuning, upgrades, process management, capacity planning, and relevant documentation using the Firms tools in a fashion consistent with existing policies and procedures

Participate in technology evaluations and play an active role in suggesting improvements based on technology trends, best practices, and industry standards

Essential Skills -Customer-focused Splunk Enterprise Security SIEM engineering background - SME knowledge of ES v4.7, Direct experience with Splunk Engineering and data integration

Prior SIEM data modelling experience on similar platform at scale (>50 servers)

Scripting and development skills in Python/Perl with deep comprehension of regular expressions

Broad Linux/*nix Systems Administration experience

Exceptional communication/interpersonal abilities as a flexible, self-driven team member

Strong task management and organizational skills to insure balance and timely completion of ongoing efforts

General networking and security knowledge in areas such as Firewalls, TCP/UDP, Routing/Switching, DNS, NAT, Packet Tracing and Analysis, etc.

Ability to demonstrate broad exposure to various technologies - Preferably in a global environment in the finance industry or an industry at a similar scale Desired Skills

Splunk Enterprise platform integration and deployment experience

Big Data experience with tools such as Kafka, NiFi, Storm, Grok, Parquet, Spark,HDFS

Familiarity with key security events on common platforms

Knowledge or experience with security areas such as Indicators of Compromise (IoC)

Industry certifications such as CISSP, SANS, CeH, etc.

SDLC experience using systems such as JIRA and Git/SVN

Familiarity with DevOps style content management platforms such as Audible/Puppet/Chef

Experience authoring security policy and security best practice documentation

Software development experience with Object Oriented principles in Python/Java/C++