EY

GMS-Senior-Technology Specialist Splunk SOAR TechOps

Join EY in Kolkata as a Senior Technology Specialist for Splunk SOAR TechOps. Leverage your cybersecurity skills to automate security processes and develop playbooks. 3+ years in cybersecurity required. Competitive salary and growth opportunities.

ServiceNow Role Type: Application Developer
ServiceNow Modules: DevOps, IT Service Management, Incident Management, Integration Hub, Security Operations
ServiceNow Certifications (nice to have):

Job description

Posted on: June 4, 2025

Join EY as a Senior Technology Specialist for Splunk SOAR TechOps and build a career in cybersecurity, working with customers to identify security automation strategies and provide creative integrations and playbooks. Collaborate with team members to find solutions to customers' challenges and needs, and develop custom scripts and playbooks to automate repetitive tasks and response actions.

Requirements

  • Excellent teamwork skills, passion and drive to succeed and combat cyber threats
  • Working with the customer to identify security automation strategies and provide creative integrations and playbooks
  • Responsible for execution and maintenance of Splunk SOAR related analytical processes and tasks
  • Management and administration of Splunk SOAR platform
  • Developing custom scripts and playbooks to automate repetitive tasks and response actions
  • Experienced developer with at least 2+ years of experience using the Python programming language, REST APIs and JSON
  • Knowledge of Incident Response and Threat Intelligence tools
  • Creation of reusable and efficient Python-based Playbooks
  • Use the Splunk SOAR platform to enable automation and orchestration across various tools and technologies by making use of existing or custom integrations
  • Partner with security operations teams, threat intelligence groups and incident responders
  • Should have worked in a security operations center and gained an understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms
  • Having experience in Splunk content development will be an added advantage
  • Willing to learn new technologies and take up new challenges
  • Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers
  • Good grasp of conceptualizing and/or implementing automation for business process workflows
  • Knowledge of network monitoring technology platforms such as Fidelis XPS or others
  • Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others
  • Should be able to assist, support and mitigate production issues
  • Should have the capability to work with partners and client stakeholders to fulfill their asks
  • Ability to coordinate with vendors through to incident closure according to severity
  • Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement
  • Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating the Splunk SOAR solution in global enterprise environments
  • Experience working in ServiceNow SOAR is also an added advantage
  • Strong oral, written and listening skills are an essential component to effective consulting
  • Strong background in network administration
  • Ability to work at all layers of the OSI model, including being able to explain communication at any level
  • Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc
  • Must have an honours degree in a technical field such as computer science, mathematics, engineering or similar field
  • Minimum 2 years of working in SOAR (Splunk)
  • Experience in Process Development, Process Improvement, Process Architecture, and Training
  • Quick to grasp and adapt to new applications
  • Knowledgeable in Cybersecurity and Incident Response Management
  • Certification in Splunk will be an added advantage
  • Certifications in a core security related discipline will be an added advantage

Benefits

  • Competitive salary
  • Opportunity to build a career in cybersecurity and work with customers to identify security automation strategies and provide creative integrations and playbooks
  • Collaborative work environment with team members to find solutions to customers' challenges and needs
  • Opportunity to develop custom scripts and playbooks to automate repetitive tasks and response actions
  • Chance to work with Splunk SOAR platform and enable automation and orchestration on various tools and technologies
  • Opportunity to partner with security operations teams, threat intelligence groups and incident responders
  • Chance to learn new technologies and take up new challenges
  • Opportunity to develop high-quality technical content such as automation scripts/tools, reference architectures, and white papers
  • Chance to work on process development, process improvement, process architecture, and training
  • Opportunity to work with diverse EY teams in over 150 countries and build trust in the capital markets
  • Chance to contribute to creating long-term value for clients, people and society
  • Opportunity to work with clients to help them grow, transform and operate
  • Chance to build a better working world and help EY become even better
  • Opportunity to work on assurance, consulting, law, strategy, tax and transactions projects
  • Chance to ask better questions to find new answers for the complex issues facing our world today
  • Opportunity to develop expertise in Splunk SOAR and incident response management
  • Chance to work with clients to help them navigate the complexities of digital transformation and cybersecurity
  • Opportunity to contribute to creating a more secure and resilient digital ecosystem
  • Chance to work with clients to help them improve their cybersecurity posture and reduce the risk of cyber threats
  • Opportunity to develop expertise in Splunk content development and incident response management
  • Chance to work with clients to help them develop and implement effective incident response plans and procedures
  • Opportunity to contribute to creating a more secure and resilient digital ecosystem for clients and organizations

Requirements Summary

3+ years of experience in cyber security, a strong background in network administration, and an honours degree in a technical field such as computer science, mathematics, engineering or similar field