DESCRIPTION:

Primary responsibilities for administration and development & integration support for Splunk Cloud. Develops, recommends, implements, and manages the technical architecture (hardware, software, database, and communications) which will be used for all or specific applications in a large, distributed cross-platform environment. Responsibilities also include the identification of relevant information and the determination of the environment, which will be used for development.

GENERAL SKILLS:

· Leadership experience in the development and implementation of technical security architectures at the specified experience level.
· Extensive experience with at least two cloud service providers (i.e. AWS, Azure, GCP) , enterprise security services, Identity and database technologies, and network access protocols.
· Experience in structured methodologies for the design, development and implementation of cloud applications.
· Extensive experience in systems analysis and design in large secure solution environments.
· Knowledge and experience designing processes around ITIL and is able to guide others using this methodology.
· Experience translating business requirements into solution needs.
· Experience preparing conceptual, logical and/or physical processes and data models.
· Experience developing, recommending, implementing and managing technical security architecture.
· Awareness of emerging technologies, trends and directions.
· Excellent analytical, problem-solving and decision-making skills; verbal and written communication skills; interpersonal and negotiation skills.
· A team player with a track record for meeting deadlines.
· Knowledge and understanding of Information Management security principles, concepts, policies and practices.

EXPERIENCE AND SKILL SET REQUIREMENTS

· Advanced knowledge and experience with Security Information & Event Management technology: (45%)

EXPERIENCE WORKING ON AGILE PROJECT DELIVERY TEAMS. WORKING EXPERIENCE WITH:

· Backlog
· User stories
· Scrum
· Sprints
· Security Operations Experience (35%)
· SIEM use case development, rationalization and configuration.
· SIEM dashboard creation
· Security operational process development and documentation (playbooks/runbooks)
· MITRE Framework

PREVIOUS PUBLIC SECTOR EXPERIENCE (5%)

· Previous public sector work experience is considered a positive

· Provide engineering and operational support for the Splunk Cloud Security Incident and Event Management (SIEM) platform. This includes assisting with the implementation and support of SPLUNK Cloud across multiple environments and varying OS types.
· Provide integration support and development effort on design related changes or introduction of new business requirements to Splunk Cloud.
· Support ongoing work efforts to develop and administer Splunk Cloud can continue as new requirements, functionality or integration is required to enable our modern enterprise security monitoring program and target state operating model within the current project timelines.