Managed SIEM Engineer - Splunk ES

ABOUT PROFICIO

Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last three consecutive years. We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and the first in our space to provide a risk scoring dashboard.

Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood but our prospective clients also struggle to effectively harness technology and build hardened processes.

While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

SUMMARY:

The Managed SIEM Architect reports to our Lead Security Data Engineer and creates the architecture and guides the workload/implementation of our Splunk SIEM customer instances - predominantly in the US, but this role will also provide support globally as required. We are hiring customer-facing architect level individuals for this team who will be able to organize and drive multiple customer implementations and maintenance scenarios at once. This is a position for a tech-savvy individual so we expect the majority of the work to be done remotely with customer interaction mainly being telephonic, email or video with occasional customer site visits.

Requirements

• Our Managed SIEM Engineers are security problem solvers! They look at the security data and think “problem,” first, “tool set” second. We are tasked today with utilizing the Splunk SIEM to enhance our customers’ security, but we see Elastic Stack products and others on the horizon. We seek a security minded professional who is creative with their problem-solving skills, adaptable with their tool sets, but also highly proficient today in the Splunk ES product.
• Ability to work in a team: Our US Managed SIEM Engineers do not work in a silo! They are in front of our customers before and after the sales helping to determine needs, architect solutions, and outline work to be done. They are supported by a global team of Splunk Architects, Admins and Developers who can execute the Splunk implementation envisioned. We seek individuals who are able to define work scope, bundle that work scope for team assignment, and then return the following day to pick up the work that was completed overnight for review/revision. Lone wolves are not allowed!
• Ability to work independently: This is a remote position that services customers across the US. We will hire where the talent lies, expect candidates to have a professional home office, and we will assume our staff are able to organize their customer interactions and workload so that progress is achieved with all customer accounts daily.
• We are doing great things! We want enthusiastic Splunk professionals who can share our passion with customers. Strong communication skills prior to contract execution will ensure our customers know exactly what to expect during the onboarding process. Continuous relationship building throughout the implementation and maintenance phase will ensure our customers are receiving our best in class service for their cybersecurity needs!
• The nitty gritty: 5+ years hands on experience in engineering and supporting a large scale Splunk (ES required) environment; strong event logging solutions for large corporations is preferred; experienced with multiple security platform administration or engineering within large-scale or global enterprises combined; understanding of Network Firewalls, Load-balancers, and complex network designs; good understanding of Unix/Linux and Windows operating systems, good command on Python, Perl, SQL, Regex and Shell scripting is preferred.
• The proof is in the pudding: (or in the certifications…) The following certifications are highly desired as they will highlight your commitment to this career path: Splunk Accredited Implementation Fundamentals, Splunk Accredited Core Implementation, Splunk Accredited Consultant, Splunk Enterprise Certified Admin; Splunk Enterprise Certified Architect, and Splunk Enterprise Security Certified Admin.
• Clear understanding of Splunk’s data onboarding process and CIM mapping.
• Ability to define and clearly express work required to customers.

Benefits

• Salary range: $100,000 - 125,000 DOE

• Opportunity to work in a progressive organization with structured training and roadmap for success

• ProLunch, Game Room, onsite Gym, and fun employee activities!

• Health, Dental and Vision plans available first of the month
• Other benefits: Health Advocacy Program, Employee Assistance Program, Employee Discount Program
• Tax advantage products: Healthcare flexible spending accounts, dependent care flexible spending accounts, commuter transit ad parking accounts, health saving accounts, limited purpose flexible spending accounts
• Voluntary benefits: Life and AD& D insurance, disability, accident insurance, hospital indemnity, cancer and specified illness insurance, critical illness, Info/Armor, legal insurance, pet insurance, auto and home
• ProLunch, Game Room and fun employee activities!
• 401K plan
• Gym reimbursement
• Proficio is an EOE Employer