This position will support the IT security infrastructure leveraged by our Security Operations Center. Infrastructure technologies include, but are not limited to, Security Information and Event Management (SIEM) platforms, Netflow, and Full Packet Analytics. This position works with other business unit SMEs to ensure the technologies are integrated and fully utilized as intended in the protection of our large COMPANY CONFIDENTIAL CLIENT's cyber-related assets. The role is a hands-on technical role with many troubleshooting and problem-solving opportunities.
- A formal education in Computer Science or a related field, or equivalent experience in IT Security related roles is required for this position. Network/Security/System admin experience is preferred.
- Minimum 6+ years supporting IT infrastructure or Information Security devices/technologies.
- Minimum 1+ year of experience supporting and managing Splunk Enterprise deployments, as well as understanding of Data and System Administration using Splunk, is highly desired. Experience with distributed clustered environments is a plus.
- Minimum of 3+ years of comprehensive working knowledge of Linux, Unix is a must, and Windows OS is a plus.
- Scripting skills such as Perl, Python, and/or Shell scripting are a plus.
- Advanced knowledge of networking protocols and addressing schemes, e.g., TCP/IP functions, CIDR blocks, subnets, addressing, communications, layer 2, netflow, etc.
- Experience supporting Security Information and Event Management products, such as Connectors, Logger, and Enterprise Security Manager (ESM) - ArcSight, QRadar, RSA Envision a plus.
- Comprehensive working knowledge and experience supporting netflow technologies - Lancope StealthWatch a plus.
- Database skills with MySQL, SQL, Oracle are a plus.
- Excellent problem solving and analytical skills; ability to solve complex technical issues.
- Strong customer service skills.
- Exhibit initiative, follow-up and follow through with commitments.
- Ability to support and work in a team environment.
- Advanced technical writing skills.
- Ability to manage multiple tasks and priorities in a high-pressure environment.
- Understanding of IT Security and the ability to apply risk management principles in all aspects of IT Security preferred.
- Experience with and ability to maintain confidentiality of data.
- Experience working in or supporting a Security Operations Center is a plus.
- On-call support after hours will be required.
- Must comply with any regulatory requirements.
MAJOR JOB RESPONSIBILITIES
- Perform as subject matter expert on Splunk Enterprise tools and deployments utilized by the SOC.
- Perform administrative functions managing all SOC infrastructure technology platforms.
- Provide support on all SOC infrastructure technology platforms, present and future deployments.
- Perform routine equipment checks, upgrades, and preventative maintenance for our IT Security infrastructure.
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit stakeholder SMEs.
- Establish and maintain positive relationships/partnerships with appropriate vendors.
Our large COMPANY CONFIDENTIAL CLIENT is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
WHO SHOULD APPLY
- Only "QUALIFIED" candidates who meet all of the minimum years of experience and the vast majority of the job requirements listed above will be considered.
HOW TO APPLY
***Qualified candidates only***
- Open or Confidential Candidate Referrals accepted
- Call our office at 888-676-6389 or email any clarification questions.