Cyber Security Engineer
Description
✓What you'll be doing:
✓Installation & support of Splunk Enterprise Platform
✓Working with Admin On Demand / Splunk PS to resolve issues within the environment
✓On-Boarding new data sources and Apps and Add-ons into Splunk
✓Building/testing log ingestion sources
✓Development of automation scripts using Python and various toolset APIs
✓Supporting SIEM and SOAR technologies
✓Provide ongoing management and administration of cyber security solutions
✓Provide support to projects delivering and implementing cyber security solutions
✓Where required, integrate with service operations and project delivery to enable quick and compliant change and service stability
✓Installation & support of security toolset hardware
✓Provide guidance and support to team members where required
✓Your skills and experiences:
✓Essential:
✓Knowledge of deploying, maintaining, and configuring the Splunk Enterprise Platform
✓A strong technical background with a proven experience in a Cyber Security role
✓Good understanding of architecture and configurations of large-scale networks [30,000+ devices] and the underlying security technologies
✓Experience of working with system management toolsets in a technical capacity
✓Previous experience and exposure to Windows Event Collection/Forwarding [build, configuration, and tuning], Log sources and ingestion, CIM Mapping, RegEx Field Extractions, Syslog + Parsing
✓Desirable:
✓Ideally with exposure to VMware, Windows, UNIX, and associated technologies
✓Trained to Splunk Enterprise Certified Admin level
✓Relevant Security Certifications are desirable but not essential [CISSP, GIAC [Advanced Certifications] e.g., GCIA, GCIH or GCFA and CompTIA Security+]
✓The role that you are applying for is restricted to candidates will require you to obtain Security Clearance
✓It will therefore not be possible to take your application any further if you are not eligible for Security Clearance