Senior Detection & Monitoring Operations (D&MO) Analyst

Splunk   •  

Plano, TX

Industry: Technology

  •  

Less than 5 years

Posted 52 days ago

Role:

The Splunk Senior Detection and Monitoring Operations (D&MO) Analyst reports to the Sr. Manager of Detection and Monitoring Operations. This role is based in San Jose or Tyson’s Corner, VA. You will be responsible for the 24x7 monitoring, operations and response to cybersecuritythreats. You are someone who has a fundamental understanding of Information Security principles and disciplines coupled with excellent communications skills and a continuous desire to learn and grow. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first.

Responsibilities:

  • You will perform monitoring, research, assessment and analysis on all notable securityevents from a variety of technologies such as firewalls, intrusion detection systems, cloud services, endpoint security and operating system events
  • You will address more complicated events as a second tier of escalation
  • You will create and follow appropriate pre-defined procedures to further investigate securityevents and handle/give escalations to other required personnel as necessary
  • You will work closely with the Product Security, Threat and Vulnerability Management and Cyber Threat Intelligence teams to implement custom detection of new and emerging threats
  • You will participate in routine compliance and control monitoring and assist in creation of new monitoring capabilities as controls evolve
  • You will handle daily tasks, ad-hoc assignments and lead small projects as needed
  • You will maintain operational reports for Key Performance Indicators and weekly and monthly metrics
  • You will lead digitization efforts to automate routine playbooks and always be on the lookout for opportunities for automation
  • Participate as a member of the SplunkCIRT during major incidents and lend contributions to post-Incident review and continuous improvement
  • Mentor and advise junior analysts as needed to facilitate growth

Requirements:

  • 3-6 years of experience as a Security Administrator or equivalent knowledge
  • You have knowledge of security related technologies including firewalls, intrusion detection systems and endpoint security tools
  • You also have knowledge of TCP/IP protocols, network analysis, and the OSI framework
  • You have understanding of Incident Response framework, root cause analysis
  • You have working knowledge of endpoint and server systems administration
  • You have working knowledge of Cloud technologies
  • You have the ability to multitask, prioritize and take-charge
  • You have the willingness and desire to think outside of the box for creative solutions to problems with the moxie to follow-through.
  • Excellent interpersonal skills and ability to see things through the customer’s eyes
  • Strong attention to detail
  • Bachelor’s degree in computer science, information security or related discipline is required or equivalent work experience
  • Must be eligible to work in the United States without company sponsorship.