SECURITY ANALYTICS ENGINEER

  • Location

    England

  • Sector:

    Technology

  • Job type:

    Contract

  • Salary:

    £550 - £575 per day

  • Contact:

    Lee Barham

  • Contact email:

    leeb@eligo.co.uk

  • Job ref:

    Splunk Contract #1_1655818062

  • Published:

    about 2 months ago

  • Duration:

    6 months

  • Expiry date:

    2022-07-21

  • Start date:

    ASAP

SECURITY ANALYTICS ENGINEER

Key Accountabilities

  • The role requires the candidate to participate in, and jointly take responsibility for, the successful implementation of security operations requirements into solutions.
  • The successful candidate will work closely with on-shore and off-shore development and run teams.
  • Take the lead on the design, development and delivery of product roadmaps to support the evolution of core security services, aligning deliveries to customer strategy.
  • Strong technical expertise is required for the role. The candidate will follow technical practices and strive for technical excellence in both security and software development.
  • Build a strong working relationship with Cyber Operations teams and help them define requirements.

Stakeholder Management and Leadership

From time to time the role requires liaising with security SMEs, developers and senior management (Directors and MDs) to present and collate security strategy for the CSO.

A successful candidate will have a track record of being able to dive into the detail with key SMEs while also working with senior management to influence overall strategy.

Risk and Control Objective

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, the Enterprise Wide Risk Management Framework, and internal Policies and Policy Standards.

Person Specification

  • Self-motivated and organised.
  • High degree of (hands-on) technical guidance and vision, with broad subject matter expertise in security technologies, specifically SIEM and UEBA.
  • Excellent ability to execute where information is ambiguous, drawing on professionalism, experience and prior knowledge.
  • Excellent analytical and problem-solving skills.

Essential Skills/Basic Qualifications:

  • A proven career history of supporting, and holding lead roles with, the following security technology toolsets:
    • Splunk Enterprise Security and Splunk Enterprise
  • Strong knowledge of Splunk architecture and its distributed components (indexer clusters, forwarders, search head clusters, deployment servers, DMCs)
  • Strong knowledge of Splunk Enterprise Security at administration and use case level
  • Understanding of the Common Information Model
  • Strong knowledge of data models, enrichment and automation
  • Experience in integrating SIEM and UEBA with other Cyber tooling
  • A good knowledge of the Linux Server platform.
  • Strong interpersonal skills; role will require engagement with a varied and global internal customer base
  • Negotiation and prioritisation skills; role will require the ability to negotiate and prioritise activities with senior stakeholders based on available resources
  • Documentation skills in order to provide high quality documentation for internal customers and technical support teams
  • Openness to learning and managing additional Information Security technologies as business requirements change
  • Understands the requirements of governance in a large financial environment, particularly around Change Management, Risk Management, handling major and minor incidents, Disaster Recovery planning / testing and meeting requirements of rigorous Audit mandates
  • Strong knowledge of security network architectures (e.g. Firewalls, DMZ, proxies, DNS, web and mail servers) and the principles of network
  • Exposure to cloud technologies, AWS, Azure and SaaS based security solutions
  • Ability to think architecturally at 'big picture' and able to translate this into practical security implementation

Desirable skills/Preferred Qualifications:

  • Experience of other analytical tools and capabilities used in cyber analytics: Elastic, Exabeam, Imperva, etc.
  • Experience with other operating systems
  • Relevant professional certifications in information technology or cloud security, e.g. CISSP, CCSP
  • Strong background in computer science and engineering

For more information, please contact Lee Barham on 0203 971 1885 / 07375 038 513.