|| **Must have recent and significant experience with Splunk**
This position consults with IT, Project Management, Product Management, Software Development and other peers on proper security architecture and system development processes to ensure the applications developed and systems implemented are in line with security best practices and Early Warning Services policies and standards.
** Security Engineer with Splunk experience**
- Complete the Identification, measurement, control and minimization of security risks to information systems across a broad range of disciplines including network and host security.
- Manage the development of repeatable infrastructure architectures working with internal and external partners to ensure that systems are placed within the relevant security zones based on the data they house and their purpose.
- Serves as the point of contact for all security issues in assigned areas.
- Works with architecture teams to ensure that all newly developed and legacy infrastructure implementations are in line with security policy and are compliance to the required frameworks (ISO, PCI, NIST 800-53, etc.)
- Advises and approves of changes and architectures for assigned areas from a security perspective.
- Evaluates product business cases including functional and detailed design specs to ensure security standards are met.
- Assists in the security incident response process as assigned.
- Develops and manages architectural reference material to ensure that security practices are being implemented in a repeatable fashion every time a new project is implemented.
- Document and present risks and security issues that could impact the confidentiality, integrity and/or availability of the business (both internally and externally) by assisting in documentation, tracking and creating solutions for mitigation.
- Work with internal and external penetration testing organizations to coordinate application and network-based penetration
- Interacts with customer banks to gather yearly testing and security requirements, review penetration testing findings, mitigating controls and/or projects to rectify security vulnerabilities.
- Minimum 1 year of general IT experience, with a minimum 2 years of IT security experience and 2 years of Security Architecture or Consulting experience.
- Advanced knowledge of relational databases, Windows and Linux operating systems, and Cisco and Juniper network solutions.
- Effective interpersonal skills, with ability to present to peers and coworkers
- Advanced knowledge of operating system, network, and database security architectures.
- Proficiency in Network security
- Proficiency in Networking technologies
- CEH/CPT Certification and one of CISSP, Network Security Cert or equivalent certification
- Experience in analyzing technical issues and making recommendations for corrective action.
- Demonstrate advanced understanding in the field of Information Security in terms of both concepts and technology.
- Ability to lead information security efforts.
- Ability to develop and deliver risk mitigation solutions.
- Advanced understanding of infrastructure security in depth practices.
- MCSE, SCSA, CCNA or CISA certification
- Unix administration or hobbyist
- Additional related education and/or experience preferred
- Familiarity with JunOS, and Secure Access (Pulse) devices
- Familiarity with NetSec tools:
- IPS (Tipping Point, Snort)
- Scanners (Nessus, Nexpose, nmap)
- Firewalls (Juniper, Cisco, ipChains/ipTables)
Must have recent and significant experience working with Splunk Security Tool