CISCO Security Platform Engineer-Splunk
- Recruiter: Experis Ireland
- Location: Dublin
- Salary: Negotiable
- Posted: 21 Feb 2023
- Closes: 28 Mar 2023
- Ref: BBBH5663
- Contact: Nidhi Tripathi
- Sector: IT
- Job Type: Contract
- Hours: Full-time
(Candidate must have a valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport))
Job type: Contract/Remote
Overview of the role:
Our client is looking for a highly experienced individual who will be responsible for the maintenance and continuous improvement of all aspects of a large-scale Splunk SIEM infrastructure.
The candidate should be able to perform high-quality support and development of enterprise class solutions. This is a hands-on technical position, and a deep knowledge of services infrastructure and platforms is crucial.
The candidate must have a solid understanding of Security Platform solutions, from messaging protection and log capture and aggregation to SOAR solutions consumed by our SOC.
Responsibilities:
- Ensure the continuity and smooth functionality of the Splunk service, its associated components, and its integration with other services.
- Design and implement solutions to address business problems, understanding the Splunk architecture requirements for scalability, security, performance, and cost-efficiency.
- Own the overall solution blueprint and roadmap and work closely with business units to translate requirements into an appropriate solution design.
- Ensure the security of the Splunk environment by performing proactive health checks and keeping abreast of new threats and vulnerabilities that may affect them.
- Remain current and up to date with emerging technologies, business requirements and enhancements, and develop proposals for changes that may be required.
- Develop best practices, standards, and architectural principles for the Splunk service.
- Execute creation and maintenance of architectural documentation.
- Assist/engage other system owners and project development teams that have integration requirements with the various other enterprise security systems.
- Assist/engage other engineering teams for problem determination of incidents.
- Provide expert advice to the Security Technical Design Authority.
- Act in accordance with and be an advocate for Core Values (Respect, Collaboration, Accountability, and Transparency).
- Be highly motivated, with a need-to-understand desire, so that insights into and a deep understanding of the supported environments and integrations are obtained.
- Work independently and as part of a team to research/resolve technical issues and develop quality solutions.
- Professionally evolve and inspire others to do the same.
- Work is generally done in a remote home office.
- Be available for on call rotation.
- Be available for occasional night or weekend work.
Education/Experience Requirements
- 5+ years working in a large-scale Splunk environment.
- Splunk Enterprise Security experience a must.
- Track record of designing, developing, and onboarding solutions into Enterprise Splunk deployments.
- Extensive experience with and knowledge of Splunk architecture and its distributed components (indexer clusters, forwarders, search head clusters, deployment servers, DMCs, dashboards, etc.).
- Strong knowledge of Splunk Enterprise Security at administration and use case level.
- Deep understanding of:
  - Splunk language (SPL)
  - Intermediate Python or PowerShell scripting a must
  - CSS, XML, macros, and JavaScript.
  - External systems management products & feeds, particularly, but not limited to the M365 security portfolio.
  - Optimised data architectures & data analytics.
  - IaaS and SaaS deployments, security & integration.
  - WANs and LANs and TCP/IP.
- Must have a thorough (advanced to expert) understanding of IT security, the implementation of security-related guidelines, and their impact on IT infrastructures.
- Problem-solving abilities across multiple enterprise technology environments with complex integrations.
- Strong time management skills.
- Strong verbal and written communication skills; must be able to communicate effectively with a wide variety of audiences, both business and technical.
- Work collaboratively and cooperatively with diverse geographical and cultural groups.
If you are interested in this role or would like to discuss further, please call Nidhi on +353 1 6455244 or email [email protected]