Senior Splunk Security Engineer (L4)
NTT Corporation
- Luxembourg Capellen
- Permanent
- Full-time
- Install, configure, and maintain Splunk components, including Splunk Enterprise, Splunk Universal Forwarder, and Splunk Heavy Forwarder.
- Monitor and optimize the performance of Splunk clusters to ensure efficient data processing and search capabilities.
- Troubleshoot and resolve issues related to Splunk infrastructure, ensuring high availability and reliability.
- Design and implement data ingestion strategies for various log sources into Splunk.
- Develop and maintain parsing configurations to normalize and enrich incoming data for effective analysis.
- Collaborate with application owners and IT teams to onboard new data sources into Splunk.
- Create and optimize search queries and reports to extract valuable insights from the indexed data.
- Customize and implement Splunk dashboards for different stakeholders to visualize key performance indicators and security metrics.
- Implement security best practices within Splunk to safeguard sensitive data.
- Collaborate with the security team to configure and monitor alerts for suspicious activities or security incidents.
- Ensure compliance with industry regulations and internal policies related to log management and data retention.
- Develop automation scripts using SPL (Search Processing Language) and other scripting languages to streamline administrative tasks.
- Continuously seek opportunities to improve efficiency through automation in Splunk processes.
- Maintain thorough documentation of Splunk configurations, processes, and troubleshooting procedures.
- Provide training and support to other IT team members on Splunk best practices and usage.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Proven experience as a Splunk Engineer in enterprise-level environments.
- Some experience in network and application security, with expertise in Palo Alto, Bluecoat, F5 (LTM, ASM, APM), and ASA VPN, is an asset.
- Strong knowledge of Splunk architecture, components, and best practices.
- Proficient in SPL and scripting languages like Python or Bash.
- Experience in designing and implementing data ingestion strategies.
- Solid understanding of security principles and their application in Splunk.
- Excellent problem-solving and troubleshooting skills, with the ability to work well under pressure.
- Strong communication skills and the ability to collaborate with diverse teams.
- A proactive approach to identifying and mitigating security vulnerabilities and risks.
- Demonstrated ability to work in a fast-paced and dynamic environment.
- Fluent in English.
- Relevant certifications are a plus.
- The candidate must be a native of a NATO country; a valid NATO Secret Clearance is a plus.