Senior Splunk Security Engineer

Want to be a part of our team?

We are seeking a skilled and experienced Splunk Engineer to join our dynamic IT team for a client. As a Splunk Engineer, you will play a crucial role in maintaining and optimizing our Splunk infrastructure to ensure the efficient collection, indexing, and analysis of machine-generated data. You will collaborate with cross-functional Security teams to implement and manage Splunk solutions that meet the organization's operational and security needs.

Working at NTT

Key Responsibilities:

1. Splunk Infrastructure Management:

• Install, configure, and maintain Splunk components, including Splunk Enterprise, Splunk Universal Forwarder, and Splunk Heavy Forwarder.
• Monitor and optimize the performance of Splunk clusters to ensure efficient data processing and search capabilities.
• Troubleshoot and resolve issues related to Splunk infrastructure, ensuring high availability and reliability.

2. Data Ingestion and Parsing:

• Design and implement data ingestion strategies for various log sources into Splunk.
• Develop and maintain parsing configurations to normalize and enrich incoming data for effective analysis.
• Collaborate with application owners and IT teams to onboard new data sources into Splunk.

3. Search and Reporting:

• Create and optimize search queries and reports to extract valuable insights from the indexed data.
• Customize and implement Splunk dashboards for different stakeholders to visualize key performance indicators and security metrics.

4. Security and Compliance:

• Implement security best practices within Splunk to safeguard sensitive data.
• Collaborate with the security team to configure and monitor alerts for suspicious activities or security incidents.
• Ensure compliance with industry regulations and internal policies related to log management and data retention.

5. Automation and Scripting:

• Develop automation scripts using SPL (Search Processing Language) and other scripting languages to streamline administrative tasks.
• Continuously seek opportunities to improve efficiency through automation in Splunk processes.

6. Documentation and Training:

• Maintain thorough documentation of Splunk configurations, processes, and troubleshooting procedures.
• Provide training and support to other IT team members on Splunk best practices and usage.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Proven experience as a Splunk Engineer in enterprise-level environments.
• some experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), ASA VPN is an asset.
• Strong knowledge of Splunk architecture, components, and best practices.
• Proficient in SPL and scripting languages like Python or Bash.
• Experience in designing and implementing data ingestion strategies.
• Solid understanding of security principles and their application in Splunk.
• Excellent problem-solving and troubleshooting skills, with the ability to work well under pressure.
• Strong communication skills and the ability to collaborate with diverse teams.
• A proactive approach to identifying and mitigating security vulnerabilities and risks.
• Demonstrated ability to work in a fast-paced and dynamic environment.
• Fluent in English
• Relevant certifications are a plus.
• The candidate must be native from a NATO country and a valid NATO Secret Clearance is a plus.

Skills Summary

Automation Technology, Information Technology Infrastructure Library (ITIL), Infrastructure Deployment, IT Infrastructure Management, Managed Services Delivery, Scripting, Solutions Design, Technical Consulting

Workplace type:

On-site Working

Equal Opportunity Employer

NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category