Develops, recommends, implements and manages the technical architecture (hardware, software, database and communications) which will be used for all or specific applications in a large, distributed cross-platform environment.
Responsibilities also include the identification of relevant information and the determination of the environment, which will be used for development.
Provide engineering and operational support for the Splunk Cloud Security Incident and Event Management (SIEM) platform. This includes assisting with the implementation and support of SPLUNK Cloud across multiple environments and varying OS types.
Provide integration support and development effort on design related changes or introduction of new business requirements to Splunk Cloud.
Support ongoing work efforts to develop and administer Splunk Cloud can continue as new requirements, functionality or integration is required to enable our modern enterprise security monitoring program and target state operating model within the current project timelines.
General Skills:
Leadership experience in the development and implementation of technical security architectures at the specified experience level
Extensive experience with enterprise security services, Identity and database technologies, and network access protocols
Experience in structured methodologies for the design, development and implementation of cloud applications
Extensive experience in systems analysis and design in large secure solution environments
Knowledge and experience designing processes around ITIL and is able to guide others using this methodology
Experience translating business requirements into solution needs
Experience preparing conceptual, logical and/or physical processes and data models
Experience developing, recommending, implementing and managing technical security architecture
Awareness of emerging technologies, trends and directions
Excellent analytical, problem-solving and decision-making skills; verbal and written communication skills; interpersonal and negotiation skills
A team player with a track record for meeting deadlines
Knowledge and understanding of Information Management security principles, concepts, policies and practices
Experience and Skill Set Requirements
Required Skills - 45%
Advanced knowledge and experience with Security Information & Event Management technology
SPLUNK Cloud (Must)
Azure Sentinel
Cloud Infrastructure
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Agile Project Delivery - 15%
Experience working on agile project delivery teams
Working Experience with
Backlog
User Stories
Scrum
Sprints
Security Operations Experience - 35%
SIEM use case development, rationalization and configuration
SIEM dashboard creation
Security Operational process development and documentation (Playbooks)
MITRE Framework
Previous Public Sector Experience - 5%
Previous Public Sector work experience is considered a positive
Must haves:
| Mandatory Skills |
Candidate Experience (Years) |
Details |
| Splunk Cloud must have |
|
|
| Security Operations Experience |
|
|
| Development engineering support |
|
|
| Azure Sentinel |
|
|