Security Platform Engineer-Splunk

9 months ago

Job Title: CISO Security Platform Engineer - Splunk
Job Type: Contract
Job Location: Ireland/Remote

Client Overview:
Our client is an American multinational information technology infrastructure services provider that designs, builds, manages, and develops large-scale information systems. It currently holds the title of the world's largest IT infrastructure services provider, boasting a valuation of $19 billion and employing over 90,000 individuals. With a customer base exceeding 4,000, including 75 of the Fortune 100 companies, they operate in 63 countries.

The Role:
Our client is looking for a highly experienced individual who will be responsible for the maintenance and continuous improvement of all aspects of a large-scale Splunk SIEM infrastructure. The candidate should be able to perform high-quality support and development of enterprise-class solutions. This is a hands-on technical position, and a deep knowledge of services infrastructure and platforms is crucial. The candidate must have a solid understanding of Security Platform solutions, from messaging protection and log capture and aggregation to the SOAR solutions consumed by our SOC.

Job Responsibilities

  • Ensure the continuity and smooth functionality of the Splunk service, its associated components, and its integrations with other services.
  • Design and implement solutions to address business problems, understanding the Splunk architecture requirements for scalability, security, performance, and cost-efficiency.
  • Own the overall solution blueprint and roadmap and work closely with business units to translate requirements into an appropriate solution design.
  • Ensure the security of the Splunk environment by performing proactive health checks and keeping abreast of new threats and vulnerabilities that may affect them.
  • Remain current with emerging technologies, business requirements, and enhancements, and develop proposals for changes that may be required.
  • Develop best practices, standards, and architectural principles for the Splunk service.
  • Execute creation and maintenance of architectural documentation.
  • Assist/engage other system owners and project development teams that have integration requirements with the various other enterprise security systems.
  • Assist/engage other engineering teams for problem determination of incidents.
  • Provide expert advice to the Security Technical Design Authority.
  • Act in accordance with and be an advocate for Core Values (Respect, Collaboration, Accountability, and Transparency).
  • Be available for on call rotation.
  • Be available for occasional night or weekend work.

Education/Experience Requirements:

  • 5+ years working in a large-scale Splunk environment.
  • Splunk Enterprise Security experience a must.
  • Track record of designing, developing, and onboarding solutions into Enterprise Splunk deployments.
  • Extensive experience and knowledge of Splunk architecture and distributed components (indexer clusters, forwarders, search head clusters, deployment servers, DMCs, dashboards, etc.).
  • Strong knowledge of Splunk Enterprise Security at administration and use case level.
  • Deep understanding of:
      • Splunk language (SPL)
      • Intermediate Python or PowerShell scripting a must
      • CSS, XML, macros, and JavaScript.
      • External systems management products & feeds, particularly, but not limited to the M365 security portfolio.
      • Optimised data architectures & data analytics.
      • IaaS and SaaS deployments, security & integration.
      • WANs and LANs and TCP/IP.
  • Must have a thorough (advanced to expert) understanding of IT security and implementation of security related guidelines and impact on IT infrastructures.

If you are interested in this role or would like to discuss it further, please call Nidhi at +353 1 645 5244 or email [email protected].

Candidates must have a valid visa to work in Ireland (Stamp 1G/Stamp 4/EU Passport).
