- Deep understanding of SIEM technologies, preferably Splunk
- Must have experience with SIEM migration
- Develop, tune, and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis
- Create signatures, rule sets, and content analysis definitions from various intelligence sources for a variety of security detection capabilities
- Manage project tasks, reporting, and customer meetings
- 1+ years Splunk Web Framework (reports/dashboards/etc.)
- Command line and console-based troubleshooting
- Custom parser creation for events in Syslog, ODBC, and flat file formats
- Advanced correlation and alert rules
- Investigations in Splunk
- Splunk App creation and scripting experience (Python)
- Experience with onboarding cloud environments (AWS, Azure, Rackspace, Google Cloud, 3rd Party Hosting Environments)
- Log Source management
- Data flow into and through Splunk
- How to optimize event ingestion, reporting and alerting
- Strong Networking background combined with Strong Security
- Relevant certifications such as CCNP, CCNA, SANS, CISSP, etc.
- Must have ability to support flexible schedule in support of 7×24 staff.
- Experience supporting large scale SIEM migrations and project task management
- Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM).
- Strong interpersonal and communications skills
- Ability to solve problems quickly and automate processes.
- A solid understanding of an operating system; understands paging and swapping, inter-process communications, devices and what device drivers do, file system concepts (inode, clustering, logical partitions), can use performance analysis to tune systems.
- A solid understanding of networking/distributed computing environment concepts; understands principles of routing, client/server programming, the design of consistent network-wide file system layouts.
- Must be well versed in TCP/IP, IPSec, VLANs, system hardening, and troubleshooting.
Candidates should be flexible and willing to work across this delivery landscape, which includes, but is not limited to, Agile Applications Development, Support and Deployment.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Click the following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law
A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 200,000 team members in over 40 countries. The Group reported 2017 global revenues of EUR 12.8 billion (about $14.4 billion USD at 2017 average rate).
Visit us at www.capgemini.com. People matter, results count.