The IT Security SIEM Engineer reports to the Chief Information Security Officer, within the Division of Office for the Commissioner. The unit comprises a Chief Information Security Officer, a senior-level and a junior-level security architecture position.
Currently, NYC3 SOC is responsible for the overall security of Client Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. This IT Security SIEM (Splunk) Engineer will be responsible for this highly visible cyber security program supporting our organization. The IT Security SIEM (Splunk) Engineer will support the full system engineering life-cycle, including requirements analysis, design, development, implementation, integration, test, and documentation.
Scope of Work
The IT Security SIEM (Splunk) Engineer will provide overall engineering and administration in support of a cloud-based Splunk environment consisting of search heads, indexes, deployers, deployment servers, heavy/universal forwarders and Splunk apps spanning security, performance, and operational roles. The Engineer should be proficient at recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends in the data. The IT Security SIEM (Splunk) Engineer should be proficient within a Linux environment, edition and the following:
- Interpersonal, communication, and presentation skills
Qualifications and Desired Skills:
- Cloud Certified Admin, Splunk Enterprise Certified Architect
- CCNP Security, CCIE Security, CEH, ECSP, MCSE
Hours/Shift: Normal business days/hours: Monday - Friday (9:00am - 5:00pm, includes one-hour unpaid lunch) - 35-hour work week.