Sr. Manager, Splunk Engineering

About The Position

Requirements

• Education and/or experience typically obtained through completion of a bachelor’s degree in computer science, IT, Security, Engineering, or Math.
• Minimum 10 years of Splunk and/or information security technology experience.
• Demonstrated ability to lead, mentor, coach and guide
• Ability to work within a team environment and independently.
• Effective communication skills to speak and write for all technology experience levels.
• Effective interpersonal skills, able to comfortably present to peers, coworkers, and customers.
• Excellent experience in analyzing technical issues and making recommendations for corrective action.
• A propensity for continued development of skills though research and training.
• Expert in analyzing advanced technical issues and solving problems or making recommendations for corrective action.
• In-depth knowledge of SIEM components, data ingestion processes, and querying data.
• Demonstrated capability to steer projects, oversee daily tasks, and directly engage in technical duties.
• Exceptional problem-solving, organizational, and communication skills, with the competency to elucidate technical concepts to non-technical audiences.
• Expert knowledge of network monitoring and network exploitation techniques.
• Expert experience in responding to malicious threats coming from various sources.
• Experience managing technical staff and direct reports.
• Background and drug screen

Nice To Haves

• Master’s degree in computer science, IT, Security, Engineering or Math.
• Subject matter expert within infrastructure, engineering, operations or application security technology domains.
• Splunk certifications
• Experience in cloud technologies
• Strong background in scripting (Bash, PERL, Python) and Unix/Linux system management.
• Experience with Splunk ES / UBA and various logging systems (syslog-ng/rsyslog, ELK, Filebeat, Kafka, Cribl, Fluentd, Graylog).

Responsibilities

• Mentors and manages the Splunk Engineering team and provides effective leadership to drive a highly engaged, high-performance team.
• Leads the risk and security organization staff to identify, document, architect and develop process efficiencies.
• Maintains an excellent understanding of standard roles, processes and tools utilized within an information security organization.
• Defines, leads, gathers, writes and formalizes process use-cases, functional, and non-functional requirements.
• Communicates and organizes stakeholders and customers within projects to build sustainable solutions with required capabilities.
• Leads, architects, and designs solutions based on project use cases and requirements.
• Leads both the strategic and tactical management of the Splunk Enterprise, Security & User Behavioral Analytic ecosystems, concentrating on data incorporation, system fine-tuning, capacity planning, security and system updates.
• Develops and manages effective monitoring, alerting, and reporting to uphold service level agreements and ensure visibility into system status, usage and security threats.
• Leads efforts to update platforms and apply patches, addressing vulnerabilities and adhering to supported standards.
• Collaborates with other information security departments to augment threat detection capabilities and bolster incident response actions.
• Leads incident management processes, including troubleshooting, resolving outages, and conducting breach investigations.
• Directly engages with end-users for requirements gathering, troubleshooting, and crafting Splunk queries, alerts, reports, and dashboards, ensuring hands-on involvement in technical tasks.
• Produces, updates, and verifies documentation accuracy and relevance for the logging environment.
• Works alongside auditors and fulfills regulatory standards, employing security tools to aid in compliance initiatives.
• Delivers metrics related to platform performance, capacity, and user management, involving direct analysis and refinement efforts.
• Ensures 24x7 operational readiness and swift incident response through participation in an on-call roster.
• Keeps abreast of the latest technologies, trends, and strategies in the field, applying best practices for logging and monitoring.
• Impacts the CSIRTS team to be able to respond to threats by creating, tuning and testing high fidelity rules for our SIEM platform
• Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of detecting threats
• Supports the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data.

Benefits

• Healthcare Coverage – Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Paid Time Off – Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
• 12 weeks of Paid Parental Leave
• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.