CISCO Security Platform Engineer
(Candidate must have valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport)
Job type: Contract/Remote
Overview of the role:
Our client is looking for a highly experienced individual who will be responsible for the maintenance and continuous improvement of all aspects of a large-scale Splunk SIEM infrastructure. The candidate should be able to perform high-quality support and development of enterprise class solutions. This is a hands-on technical position, and a deep knowledge of services infrastructure and platforms is crucial. The candidate must have a solid understanding of Security Platform solutions; from Messaging protection, Log capture and aggregation, to SOAR solutions consumed by our SOC.
Responsibilities:
Ensure the continuity and smooth functionality of the Splunk service, its associated components, and its integration with other services.
Design and implement solutions to address business problems, understanding the Splunk architecture requirements for scalability, security, performance, and cost-efficiency.
Own the overall solution blueprint and roadmap and work closely with business units to translate requirements into an appropriate solution design.
Ensure the security of the Splunk environment by performing proactive health checks and keeping abreast of new threats and vulnerabilities that may affect them.
Remain current and up to date with emerging technologies, business requirements and enhancements & develop proposals for changes that may be required.
Develop best practices, standards, and architectural principles for the Splunk service.
Execute creation and maintenance of architectural documentation.
Assist/engage other system owners and project development teams that have integration requirements with the various other enterprise security systems.
Assist/engage other engineering teams for problem determination of incidents.
Provide expert advice to the Security Technical Design Authority.
Act in accordance with and be an advocate for Core Values (Respect, Collaboration, Accountability, and Transparency).
Be highly motivated with a need-to-understand desire so that insights and deep understandings of the supported environments and integrations are obtained.
Can work independently and as part of a team to research/resolve technical issues and develop quality solutions.
Professionally evolve and inspire others to do the same.
Work is generally done in a remote home office.
Be available for on call rotation.
Be available for occasional night or weekend work.
Education/Experience Requirements
5+ Years working in large scale Splunk environment.
Splunk Enterprise Security experience a must.
Track record of designing, developing, and onboarding solutions into Enterprise Splunk deployments.
Extensive experience knowledge of Splunk architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers, DMCs, dashboards etc).
Strong knowledge of Splunk Enterprise Security at administration and use case level.
Deep understanding of:
Splunk language (SPL)
Intermediate Python or PowerShell scripting a must
CSS, XML, macros, and JavaScript.
External systems management products & feeds, particularly, but not limited to the M365 security portfolio.
Optimised data architectures & data analytics.
IaaS and SaaS deployments, security & integration.
WANs and LANs and TCP/IP.
Must have a thorough (advanced to expert) understanding of IT security and implementation of security related guidelines and impact on IT infrastructures.
Problem solving abilities across enterprise multiple technology environments with complex integrations.
Strong time management skills.
Strong verbal and written communication skills; must be able to communicate effectively with a wide variety of audiences, both business and technical.
Work collaboratively and cooperatively with diverse geographical and cultural groups.
If you are interested in this role or would like to discuss further, please call Nidhi on +353 1 6455244 or email [email protected]
(Candidate must have valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport)
