Splunk Practice Lead

  • Location: New York
  • Salary: US$180000.00 - US$210000.00 per annum
  • Job Type: Permanent

Posted 13 days ago

  • Contact: Sebastian Boudreau
  • Contact Email: sebastian.boudreau@cloud-international.com
  • Start Date: ASAP
  • Expiry Date: 08 April 2023
  • Job Ref: BBBH20708_1678376479

Note: This is a remote position but candidates are required to live in the Northeast region (ideally close to Boston or New York Metro). Some travel in the Northeast required.

Role and responsibilities:
● Delivering professional services in an enterprise level consultative role
● Lead a portfolio of large, complex projects, delegating tasks across multiple engineering resources and teams without oversight
● Proactively work to mature the practice, including improving existing offerings, creating new offerings, and mentoring team members
● Author comprehensive business and technical collateral to support the practice that is proficiently tailored to both technical and managerial audiences
● Support sales efforts through conference speaking, blog/white paper authoring, and podcast speaking/producing

Required experience:
● Minimum 5 years delivering professional services in an enterprise level consultative role
● Advanced working knowledge of data analytics platforms and their underlying infrastructure
● Deep expertise architecting and designing enterprise scale data collection, aggregation, normalization, and enrichment strategies
● Deep expertise developing advanced security-focused content for Splunk, including creation of complex threat detection logic and operational dashboards
● Expertise designing and developing security automation and orchestration (SOAR) playbooks
● Scripting and development skills (e.g. BASH, Perl, Python or Java) with strong knowledge of regular expressions
● General networking and security troubleshooting (firewalls, routing, NAT, etc.)
● Deep proficiency in various client and server operating systems
● Working technical knowledge of advanced security concepts

Preferred experience:
● Experience with SOAR platforms such as Splunk/Phantom, Palo Alto XSOAR/Demisto, and Swimlane
● Advanced Splunk Certifications such as Splunk Core Certified Consultant, Splunk Enterprise Security Certified Admin, Splunk Enterprise Certified Architect, and Splunk SOAR Certified Automation Developer
● Experience with platforms such as Ansible, Puppet, Chef, Terraform and SaltStack
● Experience with other Information Security solutions including DLP, CASB, SDWAN, Deception, NAC, Proxy, EDR/EPP/NGAV, SIEM, Vulnerability Management, System Hardening, etc.
● Experience authoring security runbooks, policy, and best practice documentation
● Bachelor's degree in a relevant discipline or equivalent professional experience