Logo
Verizon

Principal Splunk Engineer

Verizon, Temple Terrace, Florida, United States,


When you join Verizon

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.Verizon is proud to continually earn a spot in Gartner's Leader Quadrant for Managed Security Service Providers (MSSPs) supporting F500 and government agencies around the world. Our Managed Security Services range from security operations centers, security engineering, and cyber intelligence to assessments, planning and implementation. In support of our world leading position in cybersecurity, we are adding a Principal SIEM Engineer due to growth with focus on the latest SIEM and SOAR technologies. This is an excellent opportunity to join a growing high performing team.The Principal Splunk Engineer is a part of our Analytics Security Operations Center (ASOC) within Verizon's Managed Security Services team. This role is designed to provide senior level leadership for the design, engineering, and implementation of security event data collection for our managed security service customers related to incident response, threat monitoring, threat intelligence, and operations. These programs pertain to the data identification, assessment, ingestion, normalization and enrichment activities required for Verizon's ASOC to perform proper detection and analytics of cyber threats and response.Responsibilities include:Lead and perform the content development within the SIEM Platform which includes use case creation, dashboard design, tuning of use cases to minimize false positives, development of reporting metrics such as SLA and KPI reports and log source configuration

Participate in use case development, provide technical input into designs, and maintain SIEM use cases throughout their lifecycle including SOAR integration and contributing to playbooks.

Work with the customer to incorporate asset landscape details, severity threats campaigns, and data breaches, as well as perform impact and exposure assessments relative to the customer

Threat hunting and independent threat research to augment and feed custom use case creation

Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform

Act as an escalation point for the ASOC Security Analysts to assist and advise on the most complex security threat investigations

Collaborate with ASOC Senior Security Analysts and Verizon on-site teams to implement solutions to SIEM & SOAR platforms.

Provide advice on SIEM management, infrastructure, log ingestion and normalization in order to support the ongoing development of use cases and their dependencies.

Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details

Share and exchange knowledge gained across all Verizon SIEM stakeholders and subject matter experts.

Develop and implement SIEM, SOAR, and service management integrations including threat intelligence feeds, authentication systems, and response systems (firewalls, proxies, etc).

SIEM installation, configuration, management and fault-finding.

Provide briefings to ASOC managers, customer service leads, and other stakeholders on issues pertaining to SIEM management, use case maintenance, and their operational risks.

Determine and report the accomplishments of project initiatives across stakeholder groups, providing consulting and guidance on how to drive business results from the data available

Support and consult vendors and customers to assist in implementing sound and secure logging practices while interfacing with customers in support of their logging requirements

Mentor and support ASOC Security Analysts Tier 1-3

Where you'll be working...In his hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager

You'll need to have:

Bachelor's degree or four or more years of work experience

Six or more years of relevant work experience

Bachelor's degree or four or more years of work experience as a SIEM Engineer/Content Developer, especially with Splunk ES, QRadar, Sentinel, Sumo Logic, Chronicle, Securonix, LogRhtyhym, etc.

Six or more years of relevant work experience as a SIEM Engineer with experience creating custom use cases, dashboards, and reporting

Six or more years of relevant work experience as a SIEM engineering, administration, configuration, optimization experience

Use case / correlation development experience.

Threat hunting experience

Linux command line experience

Knowledge of regular expressions and data normalization

Even better if you have one or more of the following:

Master's degree in information security, cyber security, computer science or related field

Experience assessing and implementing security incident detection systems, particularly SIEMs

Strong interpersonal skills and collaborative style to enable success across multiple partners

Experience working in a Security Operation Center (SOC) environment

Cloud security experience

Experience with SOAR platforms, particularly Palo Alto XSOAR

Knowledge in security architecture and enterprise information technology protocol and traffic flows

Capability to clearly and succinctly explain highly complex issues to senior executives

Strong communication and presentation skills along with the ability to handle multiple priorities in a fast paced dynamic environment

Experience preparing and delivering presentations to peers or senior executives

Ability to negotiate, when warranted, in order to work with other teams

Ability to grasp and assess "big picture" issues and bring them to light in order to foster positive change for a more robust data ingestion platform and process

Scripting or automation experience eg Python, Perl, Bash, PowerShell, etc.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.Where you'll be working In this hybrid role, you'll have a defined work location that includes work from home and a minimum eight assigned office days per month that will be set by your manager. Scheduled Weekly Hours40 Equal Employment Opportunity

We're proud to be an equal opportunity employer - and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.