Principal Cyber Security Engineer - Security Monitoring, Splunk

Svbank (Salt Lake City, WB, India) 1 day ago

Silicon Valley Bank (SVB) is looking for a senior Splunk engineering professional who will be responsible for SVB’s Security Office Splunk environment. A successful candidate will be results-driven while looking for opportunities to continuously improve SVB’s security monitoring controls and processes. The Splunk Engineer will work with other security engineers and the Security Operations team to build the right monitoring solutions to meet business needs. This individual will be responsible for the design, implementation, administration, architecture, and maintenance of the Security Office’s Splunk infrastructure.

Job Functions:

  • Administering Splunk Core, Splunk Enterprise Security (ES), User Behavioral Analytics (UBA)

  • Create indexes, ingest new data sources, create roles

  • Deploy/troubleshoot/update Splunk Apps to include apps from Splunkbase as well as developing new/custom Apps to perform specialized functionality

  • Scope requirements for existing Splunk expansions and future Splunk deployments

  • Perform maintenance and optimization on various Splunk components including Splunk Core and Enterprise Security

  • Create Splunk data models, searches, alerts, and reports as directed by Security Office team members

Splunk Certified Architect preferred

Administration knowledge of Splunk Enterprise Security version 4.7.6+

Administration knowledge of Splunk Core version 7.0+

Experience with administration of a multi-site, distributed Splunk deployment

Experience in supporting and maintaining Splunk search heads, search head clusters and index clusters, HTTP Event Collectors, syslog servers

Two years of experience in a cybersecurity role

Experience with documentation in Confluence

Expert knowledge of Splunk Search Processing Language (SPL)

Ability to create regular expressions used to optimize Splunk

Familiar with data on-boarding procedures, CIM compliance and data normalization techniques

Strong knowledge of Splunk Best Practices for search optimization, workflows, and processes

Ability to effectively communicate with a variety of teams for data onboarding and normalization

Experience with regulated systems in the financial industry a plus

Experience with Splunk Cloud a plus

Primary Location: Salt Lake City

Other Locations: Tempe

Job: IT/Engineering/Project Mgmt




Employee Status:

Job Type: Full-time

Job Level:

Travel: Yes, 5 % of the Time

Job Posting: Apr 5, 2021, 2:08:57 PM
