Splunk Enterprise Security Architect - Remote
Posted on: April 9, 2021
Lumen is guided by our belief that humanity is at its best when
technology advances the way we live and work. With 450,000 route
fiber miles serving customers in more than 60 countries, we deliver
the fastest, most secure global platform for applications and data
to help businesses, government and communities deliver amazing
experiences. Learn more about Lumen's network, edge cloud, security
and communication and collaboration solutions and our purpose to
further human progress through technology at news.lumen.com,
LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook:
/lumentechnologies, Instagram: @lumentechnologies and YouTube:
*The Role*
We have an immediate need for a Splunk Enterprise Security
Architect, to join the Security Architecture and Engineering team.
In this role, you will be a part of a team that builds security
products to protect the world's largest companies, governments, and
millions of homes from advanced security threats. Your specific
responsibility will be to architect, engineer and oversee the
deployment, configuration and support of the Splunk Enterprise
Security environment. We are looking for a skilled and driven
security expert capable of working independently and as part of the
team to complete tasks assigned by her/his leadership, with
excellent communication skills and experience in presenting
technical issues to a wide variety of audiences.
*The Main Responsibilities*
* Architect, engineer, implement, administer, and maintain a
complex and large Splunk Enterprise Security deployment, in a
distributed and clustered environment, in support of the Security
Operation center activities - designed to meet compliance
requirements and growth while maintaining balance between
performance, stability, and agility. Prior experience filtering
logs and feeds for required and useful data, in order to minimize
the system/data needs is desirable.
* Assist with the automation, deployment, integration, and testing
of enterprise systems and services and create and optimize Big Data
correlations as a Splunk search language (SPL) expert.
* Monitor and support event feeds to ensure accurate event parsing,
event filtering, event aggregation, and event transmission from
various sources (workstations, servers, network equipment, ---)
using network communication protocols, standards and systems such
as SYSLOG-NG, Rsyslog, CEF, SSH/TLS, Kafka etc.
* Manage Splunk knowledge objects (Apps, Dashboards, Saved
Searches, Scheduled Searches, Alerts). Develop custom applications
for handling a variety of data sources. Build meaningful dashboards
to provide customers with insights into their data.
* Create and Maintain API and DBConnect based integrations to asset
and inventory systems for contextual data gathering and
augmentation, as well as provide additional services to the
customer, e.g. trouble ticket submission.
* Ensure the deployments meet requirements with respect to
functionality, performance, scalability, and reliability while
complying with company security standards and principles
* Create and analyze utilization statistics to identify causes for
system and application degradations as well as recommend required
system enhancements for business case and budget approval.
* Guide routine compliance and audit functions to ensure monitoring
requirements of Lumen assets are satisfied.
* Develop, modify and follow associated security operation center
processes applicable to the role (e.g. change and outage
* Recognized as a subject matter expert within and outside of the
Company. The candidate must be able to work collaboratively with
diverse end users and a geographically distributed team, and engage
in direct communication with Director and VP level leadership.
* Lead architectural approval and security certification processes
* Responsible for generating high quality technical documentation
and configurations to support architecture and solution designs,
handoffs and user training
*What We Look For in a Candidate*
* Undergraduate degree in Computer Science, Engineering,
Information systems or related field preferred. Additional years of
experience can be substituted in lieu of a degree.
* Minimum of 8+ years of experience in a technical role, including
4+ years of relevant Splunk Enterprise, Enterprise Security
administration, Splunk SIEM infrastructure configuration, and
* Certifications for Splunk Enterprise Certified Architect and
Splunk Enterprise Security Certified Admin.
* Experience deploying and managing the Splunk event feed,
indexing, processing and analytics infrastructure.
* Experience working in a large enterprise or service provider
* Knowledge of enterprise logging, including application, OS, and
security technology logging.
* Experience with Ansible Tower, playbooks and general systems
and/or configuration administration through use of Ansible
automation, plus experience supporting and administering CentOS7,
RHEL 7, etc
* Excellent understanding of common computing platforms, including:
Windows, RedHat & Ubuntu Linux Servers; must be very comfortable
administering servers from the command line and working with
* 3+ years development experience with scripting languages (Python
* Development of custom tools and programs based on specified
* Strong networking experience to aid event collection and
* Experience in analyzing general system processing throughput,
utilization, and capacity.
* Experience in architecting the service provider-grade security
infrastructure - with specific focus on Data Analytics, Event Log
management, threat detection/prevention and asset intelligence
* Strong work ethic, demonstrated self-starter with a high degree
of energy, enthusiasm and a can do attitude to achieve outstanding,
timely, and quality results and operate at the highest levels of
excellence and process efficiency.
* Strong communication, presentation and teamwork skills and prior
work in a collaborative environment
* Demonstrates Company's values, maintains a positive open
demeanor, encourages different points of view; provides timely
information; communicates context for business decisions; fosters
teamwork and collaboration
* This role requires the ability to design, architect and implement
Splunk solutions in support of cybersecurity and operations
analysts and data scientists. Customers may exist within the
government (Federal, state, or local) and may require a US
Government personnel security clearance.
* Experience working with other big data analytics solutions
(Elastic Stack, Palantir, HP ArcSight, etc.) is a plus
* Working experience in security architecture design, preferably
* Access control and firewalls/UTM devices including Web
Application Firewall (WAF), Web Content Filtering, Intrusion
Detection and Prevention (IDS/IPS) systems, Remote Network Access
(IPsec VPN, SSL), Anti-Virus and Anti-Spam (AV/AS), Email and
* Distributed Denial of Service Architecture (DDoS), Flow and
* Understanding of Integrated network architectures, cloud
Requisition #: 241431
*EEO Statement*
We are committed to providing equal employment opportunities to all
persons regardless of race, color, ancestry, citizenship, national
origin, religion, veteran status, disability, genetic
characteristic or information, age, gender, sexual orientation,
gender identity, marital status, family status, pregnancy, or other
legally protected status (collectively, "protected statuses"). We
do not tolerate unlawful discrimination in any employment
decisions, including recruiting, hiring, compensation, promotion,
benefits, discipline, termination, job assignments or training.
The above job definition information has been designed to indicate
the general nature and level of work performed by employees within
this classification. It is not designed to contain or be
interpreted as a comprehensive inventory of all duties,
responsibilities, and qualifications required of employees assigned
to this job. Job duties and responsibilities are subject to change
based on changing business needs and conditions.
Salary Range
Salary Min: 97740
Salary Max: 217680
This information reflects the anticipated base salary range for
this position based on current national data. Minimums and maximums
may vary based on location. Individual pay is based on skills,
experience and other relevant factors.
This position is eligible for either short-term incentives or sales
compensation. Director and VP positions also are eligible for
long-term incentive. To learn more about our bonus structure, you
can view additional information.
We're able to answer any additional questions you may have as you
move through the selection process.
As part of our comprehensive benefits package, Lumen offers a broad
range of Health, Life, Voluntary Lifestyle and other benefits and
perks that enhance your physical, mental, emotional and financial
wellbeing. You can learn more by clicking [
Note: For union-represented postings, wage rates and ranges are
governed by applicable collective bargaining agreement
Salary Range
Salary Min: 97740
Salary Max: 217680
This information reflects the base salary pay range for this job
based on current national market data. Ranges may vary based on the
job's location. We offer competitive pay that varies based on
individual experience, qualifications and other relevant factors.
We encourage you to apply to positions that you are interested in
and for which you believe you are qualified. To learn more, you are
welcome to discuss with us as you move through the selection
Keywords: Lumen, Broomfield, Splunk Enterprise Security Architect - Remote, Professions, Broomfield, Colorado