Job type full-time
Full job description
This is a remote position. We are a global team that leverages the latest technology to communicate with our colleagues across the globe. When it’s safe to do so, there may be times in which this role would be required to travel to a local office for in-person collaborations with your team.
Being a Splunk Engineer at iManage means…
Your primary responsibility is maintaining the operations of, and helping design future architectures for, an enterprise wide Splunk. In this role, you will coordinate with teams that handle the day-to-day monitoring of, and initial security event detection and analysis for, all production systems, network infrastructure as well as all related information security systems, data and event logs using our SIEM and related tools. You will get to work with a highly skilled and experienced team focused on building the next generation of security solutions for our SaaS solutions in a world-class Splunk environment.
Here is what our leader, Manager of Cloud Security Engineers (Joe Hartmann), has to say about the growth opportunity for this role: “Our team is expanding and is actively searching for technical professionals to come join our dedicated, energetic and fast-growing global team. If you are currently in another area of IT, and are considering a move into information security, this position is the gateway into that world. Prior experience is less important to us than the capability, willingness, and motivation to learn across a wide variety of technical areas.”
I’m responsible for…
Developing a strategic SIEM and security analytics architecture that aligns with business needs in support of security detection and response operations
Building out and implementing reports and visualizations to inform security managers
Acting as primary contact and project manager for the onboarding of new data sources including normalization
Ensuring data quality standards are achieved (e.g. Splunk CIM compliance, data models, acceleration)
Engaging 3rd party vendors and service providers as needed for support of core Splunk operations
Troubleshooting and configuring data collection across networking devices, various platforms, databases, and host operating systems
Actively monitoring key performance indicators for overall Splunk health and stability
Identifying and performing root cause analysis for sources of Splunk infrastructure and operations service degradation
Building, deploying, and maintaining Splunk infrastructure and applications utilizing existing automation tools and processes to minimize manual work (e.g. Windows, Linux, Azure, AWS, etc.)
Performing as an administrator for the Splunk Enterprise Security app
Acting as technical team lead in the development as well as delivery of custom content and event reporting
I’m qualified because I have…
3+ years of direct Splunk administration experience
2+ years of experience working with SIEM tools performing over the full lifecycle including: deployment, configuration, maintaining operations, content development, and retirement
1+ years of familiarity or working experience with security tools (e.g. firewalls, IDS, EDR, IAM)
1+ years working on or with cross discipline teams such as: incident response, compliance, and site reliability engineering
Proficiency creating Splunk knowledge objects such as: field extractions, event types, tags, lookups, data models, etc.
Assisted in the creating, updating, and managing of notable events
Used and/or administered Splunk premium apps such as Splunk ES, UBA, or ITSI
Custom use case and correlation search content development experience including statistical and analytical modeling (ideally utilizing Splunk MLTK)
Scripting and automation experience automating tasks
Experience around log collection strategies for containers using Docker, Kubernetes and Mesos as well as third-party container security products such as Sysdig, Twistlock, Tanium
Hands-on experience maintaining Splunk TAs, add-ons, and applications
Bonus points if i have...
Direct experience deploying Splunk Enterprise in a public cloud environment
Hands-on experience implementing with Cribl LogStream
Automation experience using Ansible, Puppet, Chef, Terraform, and/or Salt
An understanding of various logging solutions such as Elastic Logstash, Apache Kafka & syslog
One or more of the following certifications: Splunk certifications (certified Splunk administrator preferred), AWS or Azure certifications, Docker certifications or ISC2 cloud security certification (CCSP)
I’m getting to…
Join a supportive, experienced team benefiting from continuous growth within an inclusive, encouraging and vibrant culture
Onboard remotely and be included in all aspects of iManage life
Collaborate cross functionally
Help mentor, lead, and coach junior team members
Focus on meaningful work, solving complex, real world issues utilizing the latest technologies and protocols
Own your learning and growth within our career development support framework, plus access to a huge online learning library
Receive competitive benefits that include: attractive salary based on market data, health/vision/dental/life insurance, 401k matching, performance bonuses, flexible working environment, generous PTO, unlimited sick days and so much more!
iManage is dedicated to Making Knowledge Work™. Over one million professionals across 65+ countries rely on our intelligent, cloud-enabled, secure knowledge work platform to uncover and activate the knowledge that exists inside their business content and communications.
We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; our work is not always easy but it is ambitious and rewarding.
So we’re looking for people who love a challenge. People who are happiest when they’re solving problems and collaborating with the industry’s best and brightest. That’s the iManage way. It’s how we do things that might appear impossible. How we develop our employees’ strengths and unlock their potential. How we find meaning in everything we do.
Whoever you are, whatever you do, however you work. Make it mean something at iManage.
Learn more at: www.imanage.com
Please see our privacy statement for more information on how we handle your personal data: https://imanage.com/privacy-policy/