Cyber Engineer (Splunk Consultant) in Raleigh, NC at Volt

Date Posted: 4/30/2018

Job Snapshot

  • Employee Type:
    Contingent
  • Location:
    Raleigh, NC
  • Job Type:
    Computer Industry
  • Duration:
    48 weeks
  • Date Posted:
    4/30/2018
  • Job ID:
    112679
  • Contact Name
    Volt Branch
  • Phone
    973/404-9187

Job Description

Volt is looking for a Cyber Engineer

Our client is one of the 15 largest providers of IT solutions in North America, with 3,700 employees across 30+ offices in the United States, Canada, France, Hong Kong, Singapore, and the United Kingdom. Our client has 17,500 customers, including Boeing, Johnson & Johnson and AT&T.

Project Scope:

The client is undertaking a project to ingest application-centric logs into a centrally managed log aggregation point for purposes of data analytics and security compliance. There is a need to collect requirements from Line of Business (LOB) application owners as well as deliver logging and security requirements to LOB application owners. Splunk is to be the aggregation point and, in conjunction, Securonix will act as a data analytics and User Behavior Analytics (UBA) platform.

This role will work under the Corporate Information Security Data Analytics team. The successful candidate will need to combine communication skills with technical knowledge of security logging and related infrastructure to assist in the migration from individualized application logging points to a centrally managed system. The candidate will also need to work with line of business application owners to develop logging requirements where none may currently exist. Furthermore, due to the volume of applications involved in the process, documentation and tracking skills are vital in coordinating several tasks and appropriately managing the target data sources and mapped use cases and playbooks.

Essential Duties and Responsibilities:

Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.

  1. Coordinate efforts related to ingesting application logs from line of business application owners, covering everything from initial contact to validation of ingestion and use case development
  2. Work with Systems engineers to facilitate data migration at pre-determined change windows and document changes via ServiceNow
  3. Work with application owners to understand and document current logging stances
  4. Work with application owners to develop CIM compliant logging where it does not currently exist
  5. Work with application owners to create network dependency maps
  6. Work with application owners to ensure application logging is commensurate with corporate minimum security baseline (MSB) policies
  7. Work with application owners to determine log type and anticipated log volume, document and relay information to system engineers to ensure adequate capacity.
  8. Work with application owners and Splunk Administrators to prepare for, implement, and validate log migrations from legacy systems to Splunk.
  9. Work with application owners to develop potential use cases for data ingested.
  10. Work with application owners and Cyber Threat Operation Center (CTOC) to develop alerting requirements for anomalous activity.

Required Skills and Competencies:

  • Bachelor’s degree in Computer Science or relevant field, or equivalent education and related training
  • Minimum of five years of demonstrated experience in an Information Security technical support role for identity management solutions for high-transaction, consumer-facing websites, preferably at a financial institution.
  • Highly adaptable to a constantly changing business and technology environment. Familiarity with multi-platform environments and their operational/security risk considerations.
  • Experience working with enterprise Splunk, Splunk ES, Securonix, and other security solutions in client environments. 
  • Mid-High level understanding of applied enterprise information security technologies including, but not limited to, firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering and mainframe security
  • Thorough knowledge of data flow, mainframe/client server systems, problem analysis and systems tuning; adept with network interfaces and technologies
  • Good verbal and written communication skills
  • Demonstrated proficiency in basic computer applications, such as Microsoft Office software products
  • Mid-High level experience in technical writing and networking diagrams

Desired Skills:

1.    Knowledge of financial services industry and all applicable regulations and industry standards

2.    Other security certifications (e.g. Cisco Certified Network Associate (CCNA) Security, GIAC (Global Information Assurance Certification) Security Essentials Certification (GSEC), GIAC Certified Enterprise Defender (GCED), Certified Perimeter Protection Analyst (GPPA))

3.    Other technical certifications (e.g. CCNA, Red Hat Certified Engineer (RHCE), Microsoft Certified Systems Engineer (MCSE), Splunk Power User, Splunk Administrator, Securonix User)

Volt is an equal opportunity employer