
Security Engineer - Splunk

United States Req #180
Tuesday, April 30, 2024

About the Company


Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments, with the speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients' cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India.

Role Summary

The Security Engineer is a subject matter expert accountable for administering our clients' SIEM, log management platform and data analytics tools. The Security Engineer works closely with the Cyderes team at multiple levels to identify and align business and IT objectives, discover security and operational pain points, offer recommendations, and recognize current and future IT security needs.


The Security Engineer is responsible for the management, maintenance, configuration, and troubleshooting of technology solutions. Most work is assigned through ServiceNow tickets; the Security Engineer is responsible for completing customer-initiated requests within Service Level Agreements.


Primary Responsibilities


  • Assist with administration and maintenance of the SIEM, log management and data analytics platforms
  • Provide Tier-III technical support for SIEM, log management and data analytics tools during business hours and non-business hours
  • Conduct system health checks on managed technologies and provide recommendations on performance improvements
  • Create and maintain standard operating procedures, technical documents and troubleshooting guidelines for security solutions
  • Monitor and tune managed technologies to optimize system performance
  • Configure and troubleshoot managed security devices
  • Assist with customer requests such as log source configuration, app installation, data parsing and use case development, and troubleshoot complex issues in managed technologies
  • Patch and update managed technologies
  • Execute highly technical changes, change windows, and client requests by following Cyderes' standard change management process
  • Schedule and run regular technical changes such as version updates, security patches and major software releases, following Cyderes' normal change management policies and procedures
  • Develop technical solutions to automate repeatable tasks
  • Use tools and analytical skills to investigate the root cause of issues across the managed technologies
  • Provide overall guidance, instruction and leadership to SOC analysts
  • Open and follow up on tickets and customer requests with third-party vendors
  • Communicate effectively orally and in writing
  • Establish a cooperative working relationship with persons contacted in the course of performing assigned duties

Desired Skills and Experience


  • College diploma or university degree in Information Security, or current relevant security certifications and/or equivalent work experience
  • Three years of experience in the IT security industry
  • Holds industry-recognized certifications in security or network technologies
  • Proficient knowledge of and experience with SIEM, log management or data analytics platforms
  • Strong understanding of IT security concepts, best practices, and market direction
  • Familiarity with networking fundamentals such as VLAN, WAN, LAN, VPN, SAN, the OSI model, firewalls, next-generation firewalls, etc.
  • Knowledge of common IT service management and information security frameworks such as ITIL, NIST and PCI DSS
  • Excellent communication skills
  • Exceptional time management and organizational skills
  • A positive, constructive-minded team player
  • Excellent troubleshooting, reasoning and problem-solving skills

Required Experience


  • Must hold a Splunk certification such as Splunk Enterprise Certified Admin
  • Proven experience configuring, implementing and supporting Splunk on-premises components
  • Expertise in enterprise logging, with a focus on security event logging
  • Knowledge of a scripting language such as Python
  • Understanding of regular expressions and query languages
  • Practical experience administering Linux infrastructure

Other details

  • Pay type: Salary
  • Location: United States