Splunk Operations Engineer - Assistant Vice President

Deutsche Bank

McLean, VA

Industry: Accounting, Finance & Insurance



Posted 180 days ago

This job is no longer available.

The COO Chief Information Security Office (CISO) is responsible for addressing information security risks to the Deutsche Bank global IT real estate. We are focused on delivering a multi-layered “defense in depth” approach to ensuring Deutsche Bank's information assets are adequately protected. As part of this approach, we use large, globally distributed Big Data applications such as Splunk or Hadoop data lakes to Discover, Detect, and Disrupt cyber threats. These applications are used by various globally dispersed CISO teams such as Cyber Threat Analysis, Security Operations, Cyber Forensics, Threat Intelligence, and more.

The Splunk Operations Engineer will be part of a CISO SIEM Operations team that is responsible for maintaining and improving a large, existing Multi-Site clustered Splunk instance in an Enterprise environment at PB (Multi-TB/day) scale. The two key areas of responsibility are to a) Design & Build new features and b) Run the System.

Design & Build new features:

  • Help refine business requirements
  • Assist with release planning activities
  • Visualize architecture aspects such as multisite clustering, DR capabilities, failover scenarios, etc.
  • Be responsible for the Design of the Data Integration piece of that solution
  • Document and visualize the Data Integration Designs as well as the interface specifications
  • Be responsible for hardware sizing to cover possible extension of the infrastructure
  • Cover all security policies of Deutsche Bank in terms of Access Management, Data Protection etc. and include that in the Architecture
  • Work with users and other stakeholders to implement new features
  • Guide the configuration of the Enterprise Security App to reflect use cases
  • Build solutions in the DEV environment (e.g. data onboarding, Apps and Add-ons, configurations etc.)
  • Document all design artifacts
  • Estimate efforts for all tasks
  • Support the Quality Manager by testing the solution, by generating suitable test data etc.
  • Be responsible for troubleshooting

Run the System:

  • Help with troubleshooting and issue-fixing efforts
  • Liaise with other support groups (e.g. UNIX admins) at Deutsche Bank to get issues resolved
  • Prepare the deployment of new features
  • Support Go Live activities
  • Improve the System and its Monitoring, and Configuration automation capabilities
  • Support the day-to-day running of the System

Additionally, the Engineer will support project managers and the regional management team in project planning, tracking, and reporting when required.

Role Responsibilities:

Essential Skills:

  • Splunk Operations / Engineering Background
  • Experience with Splunk’s Enterprise Security App
  • Record of integrating large data sources with Splunk in an Enterprise environment, abiding by organizational and policy-driven rules
  • Hands-on Splunk data integration and admin skills
  • Strong Unix systems Operations and Administration skills
  • Communication (verbal & written)
  • Interpersonal interaction / Team player
  • Documentation & Visualization of complex IT Systems

Technical Skills:

  • Splunk Certified Power User or equivalent
  • Splunk Certified Administrator or equivalent
  • Strong IT background

Job ID: 3153374