Splunk Enterprise Security Admin (L10)

Synchrony - Maryland

Job Description:
Role Summary/Purpose:
The Splunk Enterprise Security Admin will perform enhancements, upgrades, and expansions to a large enterprise-scale Splunk Enterprise Security implementation in a Search Head Cluster. He or she will drive new technical integrations and best practices, assist with migration to the cloud, ensure robust searching and alerting across clusters, and troubleshoot issues as needed. The Splunk Enterprise Security Admin provides guidance and support to the Splunk Operations team and partners closely with the Security Content team, AWS Cloud team, Identity and Access Management, and the Splunk Development teams to enhance practices and ensure that Splunk is performing exceptionally well and reliably across the enterprise.

Essential Responsibilities:
Manage and implement upgrades, enhancements, and expansions for Splunk Enterprise Security in a search head cluster environment
Provide end-to-end technical oversight across security-relevant Splunk technology add-ons and knowledge objects
Collaborate to ensure integration of all security tools, including security orchestration tools and threat intelligence feeds, as well as asset and identity data
Support development of scripts (Python, JavaScript, etc.) as needed in support of data collection or integration
Develop searches, reports and dashboards as needed in support of the detection team and Joint Security Operations Center
Manage access controls for the Enterprise security cluster
Perform capacity planning and integration across the environment
Maintain documentation including Management Guides, Operation Plans, Workflows, Processes, and Continuity of Business Plans
Perform other duties and/or special projects as assigned

Bachelor's Degree and a minimum of 3 years of Technology experience or, in lieu of a Bachelor's Degree, a High School Diploma/GED and a minimum of 7 years of Technology experience
Minimum 3 years’ experience configuring and managing Splunk
2+ years’ experience as Splunk Admin, Architect or security content developer
1+ years’ experience with Enterprise Security Administration
Certified as either Splunk Admin or Power User

Desired Characteristics:
Experience as Splunk Enterprise Security Admin in an Enterprise-scale environment
Experience with Splunk Cloud
Proficient with SAML, Python, JavaScript and REST
Proficient with automation tools – Chef, Ansible
Experience with Agile Management Principles
Experience with Version Control tools – Git, Bitbucket
Expertise in Data Management and Enrichment
Expertise in security data sources and use cases
Knowledge of Data Analytics
Results driven, strategic, conceptual, and innovative thinker
Excellent consulting skills and superior ability to develop and maintain effective client relationships
Ability to work independently as well as part of a team
Highly analytical and detail-oriented, with strong problem-solving skills and a common-sense approach to resolving problems
Expertise to clearly define complex issues despite incomplete or ambiguous information
Strong oral and written communications skills
Strong interpersonal and critical thinking skills
Excellent communication and relationship building skills
Expert knowledge of Splunk Development, including scripting and API development
Strong analytical skills.

Eligibility Requirements:
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process
You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
Effective 1-1-18, new hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months’ time in position before they can post. All internal employees must have at least a “consistently meets expectations” performance rating and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance requirement).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.
The salary range for this position is 60,000.00 - 130,000.00 USD Annual

Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.

Grade/Level: 10

Job Family Group:
Information Technology