Senior Splunk Engineer

Bank of America, Chicago, IL

About The Position

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Our Security Operations and Threat Response team within Bank of America's Cyber Security Technology function works to continuously strengthen the bank's cyber security posture through partnership and delivery of technology to support our content detection and threat hunt teams. This team works with partners in Cyber Security Operations to deliver robust technology solutions and support for detection engineering environments and content scenarios.

Requirements

  • Minimum of 6 years of experience in a technical role in Security Operations, Incident Response, or Content Development.
  • Direct experience performing detection content engineering and threat hunting in a corporate environment.
  • Significant experience with Splunk's Search Processing Language (SPL) to create and tune detections.
  • Experience mapping data fields to a common data model such as CEF or OCSF.
  • Experience with large datasets and log analysis tools, including Splunk, Python, Pandas, SQL, Hadoop, and Hue.
  • Ability to build consensus and drive results across a complex organization.
  • Experience with enterprise scale EDR, SIEM, and SOAR tools.
  • Experience in requirements gathering, documentation, and product testing.
  • Experience with, or knowledge of, Splunk infrastructure management.
  • Ability to troubleshoot and resolve issues related to Splunk infrastructure.

Nice To Haves

  • Experience with offensive security tools and with integrating SIEM, SOAR, and CSPM platforms.
  • Knowledge of basic data science concepts and processes.
  • Experience performing security analysis and threat hunting in cloud environments such as Azure, M365, and AWS.
  • Experience maintaining Splunk KV Stores.
  • Experience performing regular updates and upgrades of Splunk apps and add-ons.

Responsibilities

  • Analyze, triage, and support data transformation initiatives as part of the Splunk team.
  • Enhance the security data environment to provide optimal uptime of the platform.
  • Provide tactical and strategic enhancements to the platform for cyber security technology and operations teams.
  • Share knowledge and mentor junior members of the Security Operations and Threat Response team.
  • Work with Cyber Defense operational and technical teams to develop detection strategies and analytics.
  • Advise on product assessments, policy adjustments, and architectural transformations.
  • Design cutting-edge detective, preventative, and proactive controls.
  • Write efficient SPL to support detection needs.
  • Design and implement data ingestion strategies for various log sources into Splunk.
  • Develop and maintain parsing configurations for effective analysis.
  • Create and optimize search queries and reports to extract insights from indexed data.
  • Implement security best practices within Splunk.
  • Collaborate with the security team to monitor alerts for suspicious activities.
  • Ensure compliance with industry regulations related to log management.
  • Develop automation scripts to streamline administrative tasks.
  • Maintain thorough documentation of Splunk configurations and processes.
  • Provide training and support to IT team members on Splunk best practices.
© 2024 Teal Labs, Inc