Splunk Architect


Premium Job From Goodman Masson

Recruiter: Goodman Masson

Listed on: 14th May 2019

Location: France

Salary/Rate: £419 - £503

Type: Contract

Start Date: ASAP

This job has now expired. Please search on the home page to find live IT jobs.

Splunk Architect | France | Contract

Role Description

Goodman Masson are currently working exclusively on a new Splunk Architect position based in France, for a global leading Investment Banking organisation within their newly formed Threat Hunting Function.

Responsibilities

The Architect needs to have a proven understanding of Enterprise Splunk Security and Analytic Information modelling concepts, including the Splunk Common Information Model (CIM) and Splunk Data Models. This role is primarily project-based with varied areas of focus including architecture, deployment, platform expansion and the integration of data from various systems.

Work with global colleagues from both internal and external teams throughout the organisation to provide solutions via ongoing communications and consistent processes.

On-board and cleanse data sources using CIM best practices for field extraction and Splunk Data Model optimisations.

Complete environment tooling, configuration, build, and documentation tasks with a focus on quality and ongoing platform supportability.

Provide support for production platforms through health monitoring and root cause troubleshooting.

Develop tools to automate/improve existing processes and procedures in areas such as configuration management and run time tooling.

Assist in the design, architecture and implementation of Splunk infrastructure with a focus on a wide variety of areas spanning performance analysis, platform optimisation, monitoring/metrics gathering to facilitate reporting/tuning, upgrades, process management, capacity planning, and relevant documentation, using the available tools in a fashion consistent with existing policies and procedures.

Participate in technology evaluations and play an active role in suggesting improvements based on technology trends, best practices, and industry standards.

Requirements

Essential:

Customer-focused Splunk Enterprise Security SIEM engineering background - SME knowledge of ES v4.7

Direct experience with Splunk Engineering and data integration

Prior SIEM Data modelling experience on a similar platform at scale (>50 Servers).

Scripting and development skills in Python/Perl with deep comprehension of regular expressions.

Broad Linux/*nix Systems Administration experience.

Exceptional communication/interpersonal abilities as a flexible, self-driven team member.

Strong task management and organisational skills to ensure balance and timely completion of ongoing efforts.
