Senior Splunk Engineer (Global Security)

VANCOUVER MAIN BRANCH, 1025 GEORGIA ST W:VANCOUVER, Canada

Apply now Apply later

Job Summary

Job Description

What is the Opportunity?

RBC Defensive Threat Operations (DTO) team is seeking an experienced ‪Splunk Engineer with demonstrated competence and thought leadership capability to contribute toward the success of our Cyber Resiliency initiatives.  Under the direction of the Director of Correlation Engineering, the Senior Splunk Engineer is responsible for maintaining the RBC Security Information Event Management (SIEM) platform.

What will you do?

The Senior Splunk Engineer is a hands-on technologist who is an expert in the use of the technologies that comprise the RBC SIEM platform architecture, and creates and tunes the SIEM rules to adjust the specifications of alerts and security incidents.  The scope of this position is RBC Enterprise-wide and requires a very good understanding of the security controls RBC uses and how they provide value to the business.

The incumbent will work closely with other members of the Global Security teams in ensuring that the security posture of RBC is maintained and take a proactive approach in continually assessing the effectiveness and efficiency of the SIEM platform.

Essential Functions:

  • Serve as a Subject Matter Expert (SME) for the SIEM and Splunk platform

  • Develops and implements effective correlation rules

  • Tunes SIEM components to ensure maximum reliability and reduce false positives

  • Review security context alerts and log sources

Essential Capabilities:

  • Ability to relate to non-technical users in user-friendly language

  • Ability to understand or learn the technical implications of security threats

  • Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment

What do you need to succeed?

Must-have:

  • Bachelor of Science in a technology-related discipline or 3 years of relevant experience

  • 5 years of experience in a role dedicated to the configuration, maintenance and administration of Splunk and Enterprise Security

  • Proficiency in developing and optimizing Splunk queries, dashboards, and alerts.

  • Significant experience with and working knowledge of Syslog

  • Experience with scripting languages (e.g., Python, Bash, or PowerShell) for automation and tool integration.

  • Significant experience with and expertise in creating event correlation logic and rules

  • Hands-on experience deploying and managing Splunk in cloud environments (AWS, Azure, GCP).

  • Possess excellent troubleshooting, problem-solving, and verbal/written communication skills

  • Ability to manage critical situations, and maintain solid relationships with colleagues

Nice-to-have:

  • Splunk Enterprise Certified Architect (preferred).

  • Splunk Core Certified Power User or Admin (minimum).

  • Certified Information Systems Security Profession

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable

  • Leaders who support your development through coaching and managing opportunities

  • Ability to make a difference and lasting impact

  • Work in a dynamic, collaborative, progressive, and high-performing team

  • A world-class training program in financial services

  • Flexible work/life balance options

#LI-Hybrid

#LI-POST

#TECHCPJ

Job Skills

Decision Making, Group Problem Solving, Identity Access Management (IAM), Information Security, Information Technology Security, IT Systems Integration, Negotiation, Security Controls, Security Information, Security Information and Event Management (SIEM), SIEM Tools, Software Development, Software Development Life Cycle (SDLC), Strategic Objectives

Additional Job Details

Address:

VANCOUVER MAIN BRANCH, 1025 GEORGIA ST W:VANCOUVER

City:

VANCOUVER

Country:

Canada

Work hours/week:

37.5

Employment Type:

Full time

Platform:

TECHNOLOGY AND OPERATIONS

Job Type:

Regular

Pay Type:

Salaried

Posted Date:

2024-11-18

Application Deadline:

2025-01-01

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.
​​​​​​​
We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community

Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.

Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Automation AWS Azure Bash Cloud GCP IAM PowerShell Python Scripting SDLC SIEM Splunk

Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Team events

Region: North America
Country: Canada

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.