Senior SIEM Data Operations Lead
Quincy, Massachusetts, United States
Full Time Senior-level / Expert USD 120K - 187K
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.
Who we are looking for
The State Street A&E Team is looking for a SIEM Data Operations Lead. The Cyber Data Science team delivers models, insights, and tooling to help Cybersecurity teams make faster, more informed decisions as we work to secure State Street’s digital footprint. As a SIEM Data Operations Lead, you will lead the operational functions of data observability and Log Telemetry Monitoring (LTM), and drive the design, implementation, and maintenance of the LTM solution and its operations in collaboration with data product managers, architects, engineers, and other team members, to prevent data loss and deliver timely data for the SIEM and analytics functions that support our mission to build predictive models and intelligent systems that help secure State Street’s information and infrastructure.
This role can be performed in a hybrid model, where you can balance work from home and office to match your needs and role requirements.
What you will be responsible for
As SIEM Data Operations Lead you will:
- Use your understanding of large-scale data processing and SIEM platforms used for cybersecurity functions to evaluate the risks of log telemetry data loss for Cyber Security functions, and create processes and procedures to efficiently detect and triage log telemetry data loss scenarios.
- Use your in-depth knowledge of public clouds, infrastructure applications and business applications to understand the impact of log telemetry loss for each category of log data source, and guide the operations team in prioritizing the triage and resolution of LTM data loss incidents.
- Collaborate with cross-functional teams to understand integrations on Cyber Data Platforms like Splunk, Databricks & CRIBL, determine the impact of integration failures that can lead to log telemetry data loss, and proactively propose detection use cases for the LTM engineering team to implement.
- Collaborate with downstream functional stakeholders to periodically review the priority and importance of the various log data sources used for Cyber Security functions, and re-baseline the prioritization of LTM incident tickets and the SLAs for triage and recovery.
- Maintain the thresholds for detecting log telemetry data loss using volume drift monitoring for critical subsets of data within a data source.
- Collaborate across a variety of technical teams to manage LTM incidents, and guide the global operations team to engage upstream application and platform owners to quickly triage and resolve incidents.
- Take ownership of internal and external SLAs to meet and exceed expectations for timely detection and resolution of LTM incidents.
- Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence.
- Mentor operations engineers and upstream applications & platform teams to help them understand the value of log telemetry data for Cyber Security functions and the impact of data loss on those functions.
- Communicate daily updates to stakeholders showing the status of incidents closed in the past 24 hours and of ongoing incidents.
What we value
These skills will help you succeed in this role
- Strong leadership qualities and the ability to take the lead on triaging and resolving IT operational issues by collaborating and building partnerships with globally distributed upstream technology and application support and engineering teams
- Preferred: 4+ years of operations experience with SIEMs such as Splunk, Sentinel, Devo and Panther, and fluency in SQL & SPL (for writing queries and dashboards), KQL, and other security vendor languages
- Expertise in DevOps, DevSecOps and emergent experience with DataSecOps and Data Governance practices
- You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
Education & Preferred Qualifications
- B.S., M.S. in Computer Science or equivalent work experience
- 5+ years of experience with CS fundamental concepts and OOP languages like Java and Python
- Experience in managing Cyber Data Platforms & SIEM platforms like Databricks, Splunk, QRadar, Sentinel, Exabeam, Devo, Panther etc., with deep knowledge of the various categories of log telemetry data used for Cyber functions.
- You have experience with security observability and compliance monitoring in hybrid cloud environments.
- You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership.
- Expertise in DevOps, DevSecOps and emergent experience with DataSecOps and Data Governance practices
- Expertise with either AWS, GCP, Azure or OCI
- CISSP or similar security certifications and/or demonstrable security domain knowledge in the areas of SIEM, IAM, Network Security and Cloud security
Additional requirements
- Experience with designing for data lineage, federation, governance, compliance, security, and privacy
Are you the right candidate? Yes!
We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don’t necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.
We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.
Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You’ll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Salary Range:
$120,000 - $187,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.
Job Application Disclosure:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Tags: Analytics Artificial Intelligence Automation AWS Azure CISSP Cloud Compliance Computer Science Databricks DevOps DevSecOps Exabeam GCP Governance IAM Java Monitoring Network security Privacy Python QRadar Sentinel SIEM Splunk SQL
Perks/benefits: Career development Competitive pay Flex hours Health care