Splunk Security Automation Metrics Engineer
Wilmington, DE 19806
If you are ready to jump start your career, BTS is the place for you.
Berkley Technology Services (BTS) is a dynamic company committed to providing world class IT services. We offer a unique culture, enabling our team members to be on the cutting edge of technology while delivering high quality solutions. We are looking for outstanding individuals who will bring unique perspectives, insight and innovation to our teams. BTS, a member company of W. R. Berkley Corporation, has facilities located in Des Moines, Iowa and Wilmington, Delaware. Our functions include working with various third parties to develop, integrate, and support insurance systems of WRBC’s operating units. BTS strives to provide these functions in a holistic manner including helpdesk support, system connectivity, and operational support. Additional responsibilities include coordinating communications regarding best practices in the use of our supported systems and researching new technology. At BTS, there are opportunities associated with being a part of an established and empowering corporation while maintaining a positive personal working environment. Additionally, we provide a competitive compensation and benefits package including a casual dress code. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world. Visit us at berkley-bts.com to learn more.
Security Automation & Metrics Engineer
The Sr. Splunk Security Engineer will be a member of the Berkley Information Security team. This team is responsible for identifying, developing and deploying cybersecurity controls across Berkley, leveraging the firm’s assets, network and data to identify threats. This role will partner heavily with IT, Networking, and Incident Response. This role will focus on creating meaningful security metrics and developing security automation.
Information Security has the responsibility of ensuring ingestion of various log types and data sources into our SIEM tool and production support of the environment. The role also involves use case development and ongoing upkeep per intel provided from various peer teams within the Cyber Security organization.
This role will focus on creating security metrics and security automation leveraging Splunk. The role requires a strong self-starter with a track record who can understand program objectives and the standardized approach, and who can independently and proactively engage internal partners to align on an agreed-upon solution.
+ Creating tactical and strategic security metrics to provide real time information to the security team
+ Development with security automation tools and playbook design, experience with Demisto or Phantom
+ Configure and maintain Splunk cloud environment and in-depth knowledge of logs generated by various systems
+ Work with internal teams to evangelize Splunk Best Practices, Workflows and Processes
+ Design & build custom Splunk correlation searches based upon the MITRE ATT&CK Framework
+ Log on-boarding of application logs into Splunk and creating dashboards, alerts, and reports
+ Develop custom app configurations (deployment-apps) within Splunk in order to parse and index multiple log formats across all application environments
+ Extensive experience in deploying, configuring, upgrading and administering Splunk at an enterprise level.
+ Design and customize complex search queries and promote advanced searching, forensics, and analytics
+ Participate in incident, problem, and change management process related to Splunk
+ Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues
+ Be well versed in Splunk technology, implementation of best practices and have a working knowledge in the variety of architectural variations of the Splunk product.
+ Hands on experience with Enterprise Applications
+ Hands on experience with Security Tools such as IDS/IPS, AV, EDR
+ Scripting/Programming experience with Python, Perl, PowerShell or Bash
+ Experience working in a large corporate enterprise environment
+ 4+ years of experience with deep technical expertise and strong leadership supporting Splunk
+ 4-year bachelor’s degree in Information Technology, Cyber-security, Computer Science or related field; or other evidence of exceptional ability with 8+ years of experience in IT
Job ID: 2018-2109
Name: Berkley Technology Services LLC
Street: 101 Bellevue Parkway
Post End Date: 6/1/2019