Job Title: Splunk Architect
Contact Name: Kelly Shockley
Job Published: December 22, 2020 12:04
The Department has an opportunity within the Operations Design and Engineering Team for a Principal Security Architect – Splunk. This role is designed to provide senior-level leadership for the architecture and design of the Splunk Security platform and associated integrations that support our GSOC customers. You will work with both Project and BAU resources to scope and grow the Splunk platform and help develop new services that leverage the capability. You will also evangelise the use of Splunk and help grow the Splunk services delivered within the GSOC. This will likely include transitioning to Splunk Cloud and integrating the platform with other cloud-based solutions.
· Overall Splunk Architecture and supporting Design documentation.
· Working with Pre-Sales teams to scope capacity and enhancements needed to on-board new capabilities within Splunk.
· Act as an escalation point for the Security Analysts to assist and advise on the most complex security threat investigations.
· Support and consult vendors and customers to assist in implementing sound and secure logging practices while interfacing with customers in support of their Splunk access requirements.
· Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform.
· Determine and report the accomplishments of project initiatives across stakeholder groups, providing consulting and guidance on how to drive business results from the data available.
· Review and enhance logging information flow strategies and technical information flow required for log onboarding; create the work plan required for logging onboarding to include determining the technical details.
Skills and Experience Required:
· Current Australian Federal Government security clearance at NV1 minimum (required)
· Bachelor’s degree or relevant equivalent industry experience.
· Four or more years of experience as a SIEM Engineer leveraging Splunk.
· SIEM administration, configuration, and optimization experience.
· Threat hunting experience.
· Experience participating in and acting as an escalation point for complex network threat investigations.
· Splunk Cloud migrations and operations
· Relevant certifications similar to Splunk Enterprise Certified Architect
· Working knowledge of ITIL Change Management processes and the Australian Government Information Security Manual.
· Demonstrably sound written and oral communication skills: articulate in explanations and able to communicate highly complex solutions in a clear, positive fashion with internal and external stakeholders, clients, and suppliers.
Great if you have:
· Master's degree in information security, cyber security, computer science or a related field.
· Strong interpersonal skills and collaborative style to enable success across multiple partners.
· Experience working in a Security Operation Center environment.
· Cloud experience.
· Strong communication and presentation skills along with the ability to handle multiple priorities in a fast-paced, dynamic environment.
· Experience preparing and delivering presentations to peers or senior executives.
· Ability to negotiate, when warranted, in order to work with other teams.
· Ability to grasp and assess “big picture” issues and bring them to light in order to foster positive change for a more robust data ingestion platform and process.
Location and Contract Term: Canberra-based role. Contract till January 2022.
Security Requirements: Applicants must be Australian Citizens to apply. An NV1 security clearance is required.
How to Apply:
Applications close 8 January.
Please upload your resume to apply. Please note you may need to complete selection criteria to complete this application process. We will be in touch with instructions for suitably skilled candidates.
Call Kelly on 1300 944 936 for any further information.