Splunk SME

2 Days ago • 4-8 Years • Cyber Security

About the job

Job Description

This Splunk SME role involves managing and delivering large, complex cybersecurity projects. Responsibilities include designing and implementing Splunk solutions across multiple regions, managing log ingestion from various sources, integrating with vendor applications, and interpreting cybersecurity regulations. The role requires experience in project delivery within agreed scope, cost, and timescale, working with multiple stakeholders and technical resources. A dual-hat arrangement covers both banking and securities businesses. Key deliverables involve business requirements, technical design, engagement with infrastructure teams, Splunk use case development, alert and report creation, and compliance with Splunk CIM. This position requires expertise in Splunk Enterprise Security, SOAR concepts, and various data onboarding methods.
Must have:
  • Splunk use case development (Windows, Linux, Firewalls)
  • Splunk Enterprise Security configuration
  • Report/dashboard creation, knowledge objects
  • Data onboarding via DB Connect, Splunk apps, syslog-ng
  • Splunk CIM compliance
  • SOAR concepts and use case automation
  • Linux OS knowledge (RHEL 7 & 8 preferred)
  • Cybersecurity project delivery experience
Project description

About the client: Our client is a UK subsidiary of a global financial house working in multiple markets and asset classes.
About our team: Rapidly expanding group developing and supporting various client projects.
We are working remotely in the client environment. Currently, the team operates fully in WFH mode.

IT Risk, Security & Control department covers Cyber Security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting. This includes promoting Head Office Information Security Standards and Procedures (ISSP) requirements and local security requirements. The department supports and monitors security solutions such as virus protection, vulnerability management, compliance monitoring and threat/incident management activities to reduce risk.

Responsibilities

Main Purpose of the Role:

The Cybersecurity Technical resource is responsible for management and delivery on large, strategic and complex cybersecurity projects. The role manages the execution of project/product cybersecurity elements across cross-portfolio programs and services. Executions include working with multiple security, IT and other leadership / stakeholders and a variety of security, IT and engineering technical resources to identify, plan and deliver cybersecurity initiatives. Deliverables include, but are not limited to:

To support the delivery of cyber projects within agreed scope, cost and timescale.

To deliver Splunk solution across multiple regions.

To manage and work independently or as part of a team in delivering complex projects.

Design and implement the Splunk solution including log ingestions from various sources.

Key Responsibilities:

For dual hat only:

In this role, you will be responsible for xxx across banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.

In this role, you will be responsible for cybersecurity technical project delivery across banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you. Key responsibilities include, but are not limited to:

Implement the Splunk solution with a focus on log ingestion from various sources as well as integration with vendor applications where integration is possible.

Interpret cybersecurity-relevant regulatory and other requirements or best practices and translate these to business-aligned cybersecurity programme requirements.

Manage the delivery of cybersecurity projects within agreed scope, cost and timescale across Bank and Securities.

Support the delivery of the cyber portion of allocated Cross Portfolio projects, including implementation of cyber projects.

The technical resource will be responsible for support and execution of the following deliverables as required: business requirements, technical design and architecture, engagement with other infrastructure teams, and development of Splunk use cases, alerts and reports with knowledge of Splunk ES and CIM.

Skills

Must have

Skills and Experience:

Functional / Technical Competencies:

Essential

Experience/knowledge of Splunk use case development covering Windows, Linux, firewalls, proxy, etc.

Knowledge of Splunk Enterprise Security configuration and creation/management of correlation searches.

Knowledge of managing/creating reports, dashboards and knowledge objects.

Knowledge of various types of data onboarding in Splunk using DB Connect, various Splunk apps/add-ons and syslog-ng; onboarded data should be compliant with the Splunk CIM (Common Information Model).

Infrastructure Knowledge/experience

Experience/knowledge of SOAR concepts and use case automation development.

Govern and advise on technical direction, especially through technical workshops and 1:1 coaching sessions, to ensure alignment to business strategy.

Creation and maintenance of technical guides to convey facts simply and effectively to both peers and those less experienced.

Should have working knowledge of Linux operating systems (preferably RHEL 7 & 8).

Cyber Security Technology Knowledge/experience

Work Experience:

Essential:

Experience in working on multiple projects with broad scope, ambiguity, and high degree of difficulty

Experience in technology projects such as implementation of Cyber infrastructure replacement etc.

Demonstrable proficiency in a wide range of information IT security technologies and embedded security; at the minimum, knowledge must cover key cybersecurity domains such as Identity and Access Management and Incident Management

Possessing a high level of analytical ability where problems are typically unusual and difficult

Ability to maintain a working knowledge of cybersecurity principles and elements

Understand global program structure, launch plan and timing, and global program ownership

Demonstrable experience of senior stakeholder management and relevant management reporting.

Ability to coach team members through knowledge transfer and constructive feedback

Education / Qualifications:

Essential:

Degree educated and / or equivalent experience.

Nice to have

Personal Requirements:

You are a leader and an expert in delivery of cyber frameworks and associated key solutions

A demonstrable passion for cybersecurity

Excellent communication/leadership/interpersonal skills; results driven and with strong sense of accountability

You are experienced in engaging and persuading teams to accept and participate in best-in-class security architecture and operations

Data driven, ability to analyze data needed to effectively measure progress against the execution of objectives

You successfully convey technical information in an understandable way that generates results

A troubleshooter who proactively removes roadblocks and pursues solutions to problems that stand in the way

You value and develop trusted relationships at every operational level

The ability to operate with urgency and prioritise work accordingly

Strong decision making skills, the ability to demonstrate sound judgement

A structured and logical approach to work; Strong problem solving skills

A creative and innovative approach to work

Excellent presentation skills and excellent attention to detail and accuracy

The ability to manage large workloads and tight deadlines

A calm approach, with the ability to perform well in a pressurised environment

Other

Languages

English: C1 Advanced

Seniority

Senior

About The Company

Luxoft, a DXC Technology Company (NYSE: DXC), is a digital strategy and software engineering firm providing bespoke technology solutions that drive business change for customers the world over. Acquired by U.S. company DXC Technology in 2019, Luxoft is a global operation in 44 cities and 21 countries with an international, agile workforce of nearly 18,000 people. It combines a unique blend of engineering excellence and deep industry expertise, helping over 425 global clients innovate in the areas of automotive, financial services, travel and hospitality, healthcare, life sciences, media and telecommunications.

DXC Technology is a leading Fortune 500 IT services company which helps global companies run their mission critical systems. Together, DXC and Luxoft offer a differentiated customer-value proposition for digital transformation by combining Luxoft’s front-end digital capabilities with DXC’s expertise in IT modernization and integration. Follow our profile for regular updates and insights into technology and business needs.