Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture? Want to make an impact that matters? Consider Deloitte Global.
Global Cyber Defense Splunk Engineer – Content
Cyber Security Cyber Risk Posted: 27-Apr-2022
Same job available in 14 locations
Atlanta, Georgia, United States
Charlotte, North Carolina, United States
Dallas, Texas, United States
Detroit, Michigan, United States
Greater Toronto, Ontario, Canada
Hermitage, Tennessee, United States
Houston, Texas, United States
Kansas City, Missouri, United States
Miami, Florida, United States
Nashville, Tennessee, United States
Raleigh, North Carolina, United States
Richmond, Virginia, United States
San Antonio, Texas, United States
Tampa, Florida, United States
Work you'll do
The successful candidate will provide ongoing engineering of the current Splunk infrastructure as well as the migration/implementation of Splunk products in a global multi-data center environment. This role also requires a forward-thinking consultative approach and a high degree of collaboration with the Splunk architect and customer Infrastructure teams.
The GEMS Engineer works closely with team leadership to ensure integration of operations and maintenance to team standards. He/she will have experience in content development, log source onboarding, and/or maintenance of Splunk and Splunk ES. He/she exhibits a high service attitude and operations discipline to deliver a 24x7, highly available and highly performing, production application.
Responsibilities:
- Partner with development and operations teams to develop practical automation solutions and custom modules.
- Create, optimize, and continuously evaluate security monitoring content (correlated searches/alerts) on Splunk Enterprise Security.
- Implement/maintain data normalization methods based on requirements provided by stakeholders/leadership.
- Clearly document and diagram deployment-specific aspects of architectures and environments, working closely with various teams to create application runbooks, playbooks, and knowledge base documents.
- Troubleshoot issues in production and other environments, applying debugging and problem-solving techniques (e.g., log analysis, non-invasive tests).
- After hours on-call support occasionally required.
What you'll be part of - our Deloitte Global Culture:
At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.
In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.
Who you'll work with:
The Deloitte Global Cybersecurity function is responsible for enhancing data protection, standardizing and securing critical infrastructure, and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of security services to Deloitte’s global network of firms around the globe.
Qualifications:
Required:
- 2+ years of Splunk security content development experience
- 1+ years of Splunk engineering experience
- Strong understanding of Splunk Enterprise Security
- Strong understanding of Cloud Services – Azure, AWS
- Strong understanding of Splunk data models and CIM validation
- Experience working with a strict change control process utilizing tools such as Azure DevOps
- Knowledge of security tools, networking, firewalls, load balancers etc.
- Knowledge of best practices for IT operations in an always-on, always-available service model
- Good communication skills and the ability to communicate appropriately with technical teams.
- Good influencing and reasoning skills; good at conflict resolution and consensus building.
Education and experience:
- Bachelor’s degree in Computer Science, Computer Engineering, Finance, Mathematics, Business Information Systems or other bachelor’s degree combined with relevant experience and accomplishments.
- One of more of the following: Splunk Certified Admin, Splunk Certificated Architect, Splunk Certified Consultant
Preferred:
- Experience in working in a large global organization
- Universal/Heavy Forwarder configuration experience, including encryption and compression settings
- A solid understanding of Windows and Linux administration utilizing Command Line Interface (CLI)
How you'll grow:
Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.
Benefits you'll receive:
Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.
Corporate citizenship:
Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.