Job Role: Senior Information Security Engineer (Splunk)
Experience: 7 to 11 years
Location: Bangalore, India
Position details
The Senior Information Security Engineer (Splunk) will be part of a team responsible for managing, enhancing and monitoring the enterprise log management and security orchestration platforms. The engineer will work closely with key stakeholders from the Security Operations Center, IT, Business and Corporate Support Functions to gather requirements, understand priorities and communicate in business terms with the lines of business and upper management. The team identifies and develops metrics that periodically measure the effectiveness of practices and controls for the SIEM and SOAR platforms, and builds dashboards that illustrate the effectiveness of coverage, monitoring and security of enterprise logs over time.
Additionally, the engineer is part of a team that works to resolve information security incidents and events related to security breaches in a manner that ensures the safety of information system assets and of confidential customer, consumer, employee and corporate data. The engineers will also identify and manage the implementation of appropriate security controls, aligned with industry best practices, to meet security objectives and standards while allowing the businesses the flexibility to manage their own responsibilities.
Roles and Responsibilities
- Maintain the current customer managed Splunk infrastructure
- Support log onboarding and alert monitoring setup in Splunk Cloud
- Identify opportunities to enhance the current baseline processes and configuration
- Monitor the health and configuration of the customer-managed and vendor-managed Splunk infrastructure
- Work with key stakeholders of the services to ensure that service expectations and requirements are met
- Maintain the documented baseline configuration and execute the standard operating procedures that preserve it
- Research and look for opportunities to adopt the best practices and industry standards to enhance the SIEM and SOAR platforms
- Provide guidance to junior team members
- Follow the enterprise processes to maintain the platform documentation in standard templates
- Engage with vendor contacts to keep up with the latest features released by the vendor, assess their applicability in our environment and implement the enhancements
Job Requirements:
- Bachelor's Degree in Business, Management, Computer Sciences, or equivalent prior work experience in a related field
- Seven or more years of experience in information security, including one to three years with Splunk Enterprise, is required
- One to three years of experience in Splunk Cloud is required
- One to three years of experience in Splunk Phantom is preferred
- Knowledge of Amazon Web Services (AWS) infrastructure is required
- Knowledge of scripting languages like Python
- Knowledge of automation tools like Ansible
- Working knowledge in RegEx
- Experience in the banking or finance industries a plus
- In-depth knowledge of operating system security configuration (Windows servers and workstations, AIX/Linux/Solaris, and Apple Mac)
- In-depth knowledge of network appliances (firewalls, routers and switches)
- Strong analytical skills (i.e., technical and non-technical problem-solving skills)
- Maintain certifications in an information-security-related field. The following are recommended: CISSP, CISM, GSEC, GIAC, GPEN
Benefits:
We offer a competitive compensation and benefits package, as well as the opportunity to work on challenging and rewarding projects.
Regards,
Kapalins