
Role description

Primary Duties & Responsibilities:

·      Assist the Cybersecurity Engineering Team in the organization’s migration to Splunk Cloud, including configuration of existing log sources using Splunk Universal Forwarder agents and re-configuration of legacy syslog-based sources to point to newly deployed CRIBL ingestion layers.

·      Coordinate change tickets, validating and documenting changes including tracking and reporting of efforts pertaining to Splunk Cloud migration initiatives.

·      Own the execution of security and audit log data ingestion, including parsing the data, making it CIM compliant, and developing, tuning and validating Use Cases and dashboards.

·      Collect, store and correlate event data across the enterprise in Splunk Cloud while documenting log source onboarding requirements, performing log onboarding configuration and developing/validating security monitoring Use Cases.

·      Participate in analyzing, assessing and documenting system configuration settings against established requirements for commonly used IT platforms.

·      Support project tracking by maintaining relevant log onboarding metrics and other relevant criteria while serving as a key team member for incident response related activities and collaborating with technical teams for security incident remediation and communication.

·      Conduct proof of concepts, vendor comparisons and recommend solutions in line with business requirements and produce reports on status of any ongoing incidents.


Education & Required Qualifications:

·      Bachelor’s degree or experience in relevant field/equivalent work experience

·      Bilingual in English & Spanish is a must

·      4+ years of relevant work experience with security engineering and SIEM Cloud teams

·      2+ years’ experience with Splunk (Advanced user-level) and CRIBL (basic)

·      Experience configuring Security logs on multiple sources and validating Security logs in Splunk SIEM/CRIBL is required

·      Understanding of firewall, proxy and network concepts

·      Previous experience designing, implementing, and executing testing procedures and documentation/reporting

·      Produce precise and detailed documentation regarding the SIEM integration of log sources

·      Understanding of AWS cloud platforms and architectures


Desired Requirements (Not Mandatory):

·      Experience with JIRA, ServiceNow, Confluent, GitHub is highly desired

·      Any security certifications are a huge plus (CheckPoint certifications, CISSP, CISM, Security+, etc.)
