Splunk Enterprise Security Architect
Posted on: February 22, 2021
As a Splunk Enterprise
Security Architect working on the Security Architecture and
Engineering team, you will build security products to protect the
world's largest companies, governments, and millions of homes from
advanced security threats. Specifically you will architect,
engineer and oversee the deployment, configuration and support of
the Splunk Enterprise Security environment.

THE MAIN
- Architect, engineer, implement, administer, and maintain a
complex and large Splunk Enterprise Security deployment in a
distributed and clustered environment, in support of the Security
Operation center activities - designed to meet compliance
requirements and growth while maintaining balance between
performance, stability, and agility.
- Assist with the automation, deployment, integration, and
testing of enterprise systems and services, and create and optimize
Big Data correlations in the Splunk search language (SPL)
- Monitor and support event feeds to ensure accurate event
parsing, event filtering, event aggregation, and event transmission
from various sources (workstations, servers, network equipment)
using network communication protocols, standards and systems such
as SYSLOG-NG, Rsyslog, CEF, SSH/TLS, Kafka, etc.
- Manage Splunk knowledge objects (Apps, Dashboards, Saved
Searches, Scheduled Searches, Alerts).
- Develop custom applications for handling a variety of data
- Build meaningful dashboards to provide customers with insights
into their data.
- Create and Maintain API and DBConnect based integrations to
asset and inventory systems for contextual data gathering and
augmentation, as well as provide additional services to the
customer, e.g. trouble ticket submission.
- Ensure the deployments meet requirements with respect to
functionality, performance, scalability, and reliability while
complying with company security standards and principles.
- Create and analyze utilization statistics to identify causes
for system and application degradations as well as recommend
required system enhancements for business case and budget
- Guide routine compliance and audit functions to ensure
monitoring requirements of assets are satisfied.
- Develop, modify and follow associated security operation center
processes applicable to the role (e.g. change and outage
- Work collaboratively with diverse end users and a
geographically distributed team, and engage in direct communication
with Director and VP level leadership.
- Lead architectural approval and security certification
processes as needed.
- Generate high-quality technical documentation and
configurations to support architecture and solution designs,
handoffs and user training.

THE MAIN QUALIFICATIONS
- Minimum of 8+ years of experience in a technical role,
including 4+ years of relevant Splunk Enterprise, Enterprise
Security administration, Splunk SIEM infrastructure configuration,
and support experience.
- Certifications for Splunk Enterprise Certified Architect and
Splunk Enterprise Security Certified Admin.
- Experience deploying and managing the Splunk event feed,
indexing, processing and analytics infrastructure.
- Experience working in a large enterprise or service provider
- Knowledge of enterprise logging, including application, OS, and
security technology logging.
- Experience with Ansible Tower, playbooks and general systems
and/or configuration administration through use of Ansible
automation, plus experience supporting and administering CentOS 7,
RHEL 7, etc.
- Excellent understanding of common computing platforms,
including: Windows, RedHat & Ubuntu Linux Servers; must be very
comfortable administering servers from the command line and working
with configuration files.
- 3+ years development experience with scripting languages
- Development of custom tools and programs based on specified
- Strong networking experience to aid event collection and
- Experience in analyzing general system processing throughput,
utilization, and capacity.
- Experience in architecting the service provider-grade security
infrastructure with specific focus on Data Analytics, Event Log
management, threat detection/prevention and asset intelligence
- Ability to design, architect and implement Splunk solutions in
support of cybersecurity and operations analysts and data
- Working experience in security architecture design, preferably
- Access control and firewalls/UTM devices including Web
Application Firewall (WAF)
- Web Content Filtering, Intrusion Detection and Prevention
- Remote Network Access (IPsec VPN, SSL)
- Anti-Virus and Anti-Spam (AV/AS)
- Email and Messaging Security
- Distributed Denial of Service Architecture (DDoS), Flow and
- Understanding of Integrated network architectures, cloud
- Customers may exist within the government (Federal, state, or
local) and may require a US Government personnel security
- Prior experience filtering logs and feeds for required and
useful data, in order to minimize the system/data needs is
- Experience working with other big data analytics solutions
(Elastic Stack, Palantir, HP ArcSight, etc.) is a plus
- Undergraduate degree in Computer Science, Engineering,
Information systems or related field preferred. Additional years of
experience can be substituted in lieu of a degree.
- Strong work ethic, demonstrated self-starter with a high degree
of energy, enthusiasm and a can-do attitude to achieve outstanding,
timely, and quality results and operate at the highest levels of
excellence and process efficiency.
- Strong communication, presentation and teamwork skills and
prior work in a collaborative environment while maintaining a
positive open demeanor, encouraging different points of view.

If you are a skilled and driven security expert, capable of working
independently and as part of the team to complete tasks assigned by
leadership, with excellent communications skills and experience in
presenting technical issues to a wide variety of audiences, then
this is a great position for you!

Provided by Dice
Keywords: Telesis7, Broomfield , Splunk Enterprise Security Architect, Professions , Broomfield, Colorado