No Traveling
Management
Las Vegas, NV (On-Site/Office)
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Work you will do:
As a SIEM Engineer, you will manage and provide Splunk health and operational support, including supporting architecture changes, tool deployments, and advanced content development.
- You will work closely with the Security Operations Center (SOC), Content, TIA, and ThreatConnect teams as an advanced escalation point in identifying and addressing potential information security incidents.
- Perform Splunk configuration management, troubleshooting, and addressing complex issues, including day-to-day operations management related to Splunk.
- Log sources integration and onboarding, including custom parser development and tuning. Develop scripts to simplify data collection and automate data onboarding tasks.
- Perform Splunk architecture assessments, design reviews, and come up with areas of improvement.
- Coordinate with Content engineers, Threat Management, TIA, and Threat Hunting to support advanced Use Case development.
- Help maintain a content development/deployment baseline across clients based on the maturity of the client environment and the latest security trends.
- Create a Use Case pipeline according to the client environment and business needs, based on industry-leading standards, best practices, and frameworks (like MITRE).
- Deliver SIEM advisory support and education to other SOC and technology management personnel.
- Help define, implement, and monitor key risk indicators and key performance indicators (KRIs/KPIs).
- Keep abreast of the latest IT security, regulatory, and compliance trends to support various risk and data models.
- Review system security plans, network diagrams, and vulnerability and patching requirements.
- Perform quality review of HLUC, TUC, Use Case Testing, Parser, Runbooks, and other technical documents.
- Submit documentation through the Quality Review Management process.
- Provide 24/7 on-call support (as needed).
- Mentor and train Junior SIEM Engineers.
The Team
Deloitte's Government and Public Services (GPS) practice - our people, ideas, technology and outcomes - is designed for impact. Serving federal, state, & local government clients as well as public higher education institutions, our team of over 15,000+ professionals brings fresh perspective to help clients anticipate disruption, reimagine the possible, and fulfill their mission promise.
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. It helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
Qualifications:
Required:
- Bachelor's degree required.
- Ability to work rotating shifts to support 24X7 operations.
- At least one completed certification: Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent
- A minimum of 5+ years' experience in security information and/or technology engineering support.
- Must be local to Las Vegas, NV and have the ability to be onsite up to 5 days a week.
- Active TS - Q clearance required.
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Preferred Qualifications:
- 1+ year of experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host-based firewalls, Threat Intelligence, Penetration Testing, etc.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $93,225 to $155,375.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
As used in this posting, "Deloitte" means Deloitte Transactions and Business Analytics LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html