Splunk SME

Splunk Security Analyst - Cybersecurity Programmes

£575.00 per day inside IR35, 12-month contract

Location: Hybrid - London 2-3 days per week, the rest remote

Candidates must have strong experience of Splunk Enterprise Security with the ability to demonstrate proof of concept into a live environment (Network/Security solutions).

Main Purpose of the Role:

The Cybersecurity Technical resource is responsible for management and delivery on large, strategic and complex cybersecurity projects. The role manages the execution of project/product cybersecurity elements across cross-portfolio programs and services. Executions include working with multiple security, IT and other leadership/stakeholders and a variety of security, IT and engineering technical resources to identify, plan and deliver cybersecurity initiatives.

Deliverables include, but are not limited to:

• To support the delivery of cyber projects within agreed scope, cost and timescale.
• To deliver Splunk solutions across multiple regions.
• To manage and work independently or as part of a team in delivering complex projects.
• Design and implement the Splunk solution including log ingestions from various sources.

Responsibilities:

In this role, you will be responsible for cybersecurity technical project delivery across the banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.

Key responsibilities include but, but not limited to:

• Implement the Splunk solution with a focus on log ingestion from various sources as well as integration with vendor applications where integration is possible.
• Interpret cybersecurity relevant regulatory and other requirements or best practices and translate these to business aligned cybersecurity programme requirements.
• Manage the delivery of cybersecurity projects within agreed scope, cost and timescale across Bank and Securities.
• Support of the delivery of the cyber portion of allocated Cross Portfolio projects including implementation of cyber projects
• The technical resource will be responsible for support and execution of the following deliverables as required: business requirements, technical design and architecture, engagement with other infrastructure teams,
• Splunk Infrastructure to be configured and deployed with a good knowledge of Windows and Linux OS

Skills and Experiences:

• Knowledge/experience of designing and architecting Splunk solutions for large organisations
• Proven knowledge on Splunk admin such as Search Head Cluster & multi-site Indexer cluster.
• Knowledge of Splunk Enterprise Security configuration
• Knowledge of Splunk Heavy Forwarders & Universal Forwarders and its configuration management through Splunk Deployment Servers.
• Knowledge on various type of data on-boarding in Splunk using DB Connect, various splunk apps/add-ons & syslog-ng and should be compliant with Splunk CIM (Common Information Model)
• Strong Infrastructure Knowledge/experience
• Govern and advise on technical direction especially through technical workshops and 1:1 coaching session to ensure alignment to business strategy.
• Creation and maintenance of technical guides to convey fact, simply and effectively to both peers and those less experienced.
• Should have good knowledge on Linux Operating Systems (Preferably RHEL 7 & 8)
• Cyber Security Technology Knowledge/experience

Work Experience:

• Experience in working on multiple projects with broad scope, ambiguity, and high degree of difficulty
• Experience in technology projects such as implementation of Cyber infrastructure replacement etc.
• Demonstrable proficiency in a wide range of information IT security technologies and Embedded security; at the minimum knowledge must cover key cybersecurity domains such as Identity and Access Management, Incident Management Posessing high level of analytical ability where problems are typically unusual and difficult
• Ability to maintain a working knowledge of cybersecurity principles and elements
• Understand global program structure, launch plan and timing, and global program ownership
• Demonstrable experience of senior stakeholder management and relevant management reporting.
• Ability to coach team members through knowledge transfer and constructive feedback

Education/Qualifications:

• Degree educated and/or equivalent experience.
• You are a leader and an expert in delivery of cyberframeworks and associated key solutions
• A demonstrable passion for cybersecurity
• Excellent communication/leadership/interpersonal skills; results driven and with strong sense of accountability
• You are experienced in engaging and persuading teams to accept and participate in best-in-class security architecture and operations
• Data-driven, ability to analyze data needed to effectively measure progress against the execution of objectives
• You successfully convey technical information in an understandable way that generates results
• A troubleshooter who proactively removes roadblocks and pursues solutions to problems that stand in the way
• You value and develop trusted relationships at every operational level
• The ability to operate with urgency and prioritise work accordingly
• Strong decision making skills, the ability to demonstrate sound judgement
• A structured and logical approach to work; Strong problem solving skills
• A creative and innovative approach to work
• Excellent presentation skills and excellent attention to detail and accuracy
• The ability to manage large workloads and tight deadlines
• A calm approach, with the ability to perform well in a pressurised environment

Please send your CV to jamesinglebyjones@idpp.com