Job Description:
Role: Splunk Security Engineer III with AWS cloud
Location: 100% Remote (Arizona)
Duration: 12+ months contract
Work Hours: Flex start 9a - 3p MST
Interview Process: 1 hour Manager interview. 1-hour Technical interview.

This is a Sr role with at least 4 years of Splunk/Cloud work and 6+ years of overall IT Security Eng experience. 

Description:

Client is seeking a contract Splunk Security Engineer III. Project they will be supporting: Implement a consolidated Prod & DR logging environment (shared segment based). Standardize agents, profiles, filters, support, log routing & Data Lake. Implement Syslog-NG enterprise support model. Meet logging cloud storage requirements.


Non-negotiable technical skills needed for a worker to hit the ground running:
• 3+ years supporting an enterprise-size Splunk Cloud Environment including Heavy Forwarders, Universal Forwarders, and Deployment Servers
• 3+ years supporting an enterprise-size Syslog-NG Environment
• 3+ years onboarding data sources into Splunk
• Experience evaluating and implementing new hardware and software solutions and managing vendor support/SLA required.
• 3+ years technical project experience designing, developing, integrating, and implementing solutions to resolve complex technical and business issues required.
• Experience with UNIX/Linux/BSD operating systems required
Preferred Experience
Coding experience and proficiency (e.g. Python, Perl, Ruby, PowerShell, Java, bash, etc) preferred.
Preferred: working in large environments
Desired Soft Skills:
Good written and verbal communication skills
Responsibilities
Designs, develops, configures, and implements solutions to resolve complex and highly complex technical and business issues related to data security, zero trust implementations, and hybrid/cloud environments. This position will directly contribute to the overall implementation of global enterprise security cloud architecture while working closely with senior staff to enhance and develop new designs and security strategies across all types of hybrid and cloud-based applications (including infrastructure, platform, and software as a service). May act as team lead and drive one or more projects as part of a Security or Security Risk Management team. Comfortable acting as a Subject Matter Cloud Expert, knowing that there are hundreds of cloud services and no one can actually be an expert at all of them, and able to act as a subject matter expert (SME) for one or more security or risk management areas outside of cloud-based solutions.
• You will provide subject matter security expertise to internal technology teams and business groups within the organization.
• Coaches and trains engineers on the integration of systems, including but not limited to databases, applications, network elements and devices, and data storage
• Guides and mentors engineers in advanced troubleshooting and on the development of custom scripts, securing systems, and configuring platforms to enhance existing cybersecurity.
• Pursue continuing education to maintain advanced knowledge of best practices, compliance requirements, and threats and trends in cybersecurity with the ability to translate into operational action items, policies, procedures, standards and guidelines.
• Lead root-cause analysis to determine improvement strategies when failures occur.
• Have a working knowledge of securing enterprise cloud-based solutions.
• You will have implemented security architectures for cloud, cloud/hybrid, and on-prem systems.
• Working knowledge of enterprise cloud IAAS and PAAS security solutions as well as for data lakes and cloud databases.
• Represent Cybersecurity in development and implementation of the overall global cloud enterprise architectures, frameworks and implementations.
• Assist with the development and implementation of cloud security architectures for protecting sensitive data deployed into various cloud, hybrid, and on-premise systems and solutions.
• Identifies and recommends functional, technological and/or control solutions
• Assist in Continual Service Improvement efforts by identifying, and sometimes leading, opportunities for process improvement
• Drive and participate in the reduction of enterprise and organizational cybersecurity risk.
• Manage workload, prioritizing tasks and documenting time, and other duties.
• Provides training, coaching, and mentoring for Analysts, Engineers and other Senior Engineers.
• Assists management in the definition of cross-platform information security and/or cloud management policies and procedures as well as a senior contributor on departmental (IT Security) standard operating procedures, processes and guidelines.
• Drive and participate in the collection, documentation and dissemination of vital information.
• Key participant in the development, population, and championing of knowledge management and collaboration systems for the Cybersecurity team.
• Communicates complex technical information to team members and all levels of management.
• Provides secure cloud management advice and support for network systems and applications.
• Act as a security advocate for IT operations team’s adherence to CommonSpirit Health policies and industry best practices
Minimum Qualifications:
• Troubleshooting and problem-solving skills adaptable to both technical and business audiences
• Possesses demonstrably excellent interpersonal and communication skills, required for partnering with both technical resources throughout the enterprise as well as the business.
• Experience evaluating and implementing new hardware and software solutions and managing vendor support/SLA required.
• Demonstrated analytical thinking through data-driven decisions, as well as the technical know-how and ability to work with your team to make a big impact.
• Experience in three or more of the following: security operations, identity management, incident containment, policy enforcement/user trust/risk/fraud investigation/product abuse, security research, forensics, network security, cloud security remediation or hybrid threat hunting.
• Experience with Windows Office (Word, Excel, etc.) required.
• Knowledge of cloud architecture disciplines including application, database, and infrastructure.
• Experience with G-Suite applications (Docs, Sheets, Slides, etc) required.
• You will also have strong experience of leading Cloud security troubleshooting.
• Experience architecting an entire cloud environment including account structures, network controls (Including Virtual Private Cloud (VPC), subnets, and security groups), governance visibility and logging/auditing (not just for individual workloads).
• Demonstrated ability to document implementations, via technical documentation and run-books.
• Bachelor’s Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience required.
• One or more relevant technical/professional cloud security certifications
• Two or more relevant technical/professional security certifications or equivalent professional experience required.
Preferred Qualifications:
• 6+ years of IT security experience, including 4+ years of experience in securing cloud-based environments and workloads strongly preferred.
• 4+ years technical project experience designing, developing, integrating, and implementing solutions to resolve complex technical and business issues preferred.
• Experience of developing and implementing Cloud security frameworks preferred.
• Strong experience of leading Cloud security implementations preferred.
• Working knowledge of AWS based security and audit solutions.
• Experience with SOAR solutions preferred.
• Experience with G-Suite related troubleshooting preferred.
• Experience securing G-Suite related solutions & GCP based systems preferred.
• Experience securing Azure based solutions strongly preferred.
• Experience with proxy based security systems is strongly preferred.
• Experience with CASB and cloud based DLP solutions is preferred.
• Scripting experience and proficiency (e.g. Python, Perl, Ruby, Scala, PowerShell, Java, bash, SQL, etc) strongly preferred.
• Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley preferred.
• Strong knowledge of healthcare environments preferred.

 
             
