Company Description
Founded and headquartered in Switzerland, Avaloq is expanding globally with around 2,500 colleagues across 12 countries and serving more than 170 clients in 35 countries. We are a leading provider of wealth management technology and services for financial institutions worldwide, including private banks, wealth managers, investment managers, retail, and neo banks. Our research-led approach and continual innovation are driven by the passion and creativity of our colleagues.
We are always looking for talented individuals to join us in our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers opportunities to work closely with some of the world's leading financial institutions, shaping careers through collaboration. We foster a supportive, flexible, and collaborative work environment that empowers our colleagues to reach their full potential.
Job Description
We are seeking a highly skilled and experienced Splunk Architect with a strong security background. The successful candidate will be responsible for designing, implementing, and managing our Splunk infrastructure in a hybrid cloud, large-scale environment. This position is primarily based at our Bioggio, Ticino office.
Your key tasks
- Design, implement, and manage the Splunk infrastructure.
- Deploy and manage Splunk indexer clusters and search head clusters.
- Optimize existing clustered Splunk deployments.
- Monitor operations of the Splunk platform to enable proactive issue identification, response, and resolution.
- Integrate Splunk with legacy data sources, commercial security tools, and Cloud Service providers.
- Build Splunk Technology Add-ons.
- Create custom scripts in Python, Bash, PowerShell, and VBScript.
- Develop Splunk apps for deployment on thousands of Universal Forwarders.
- Interact with REST API endpoints.
- Work with RDBMS in SQL.
- Onboard data sources, create indexes and data models, establish health monitoring and KPIs.
- Manage Splunk knowledge objects (Apps, Dashboards, Saved Searches, Alerts).
- Manage Role-Based Access Control in Splunk.
- Design and implement correlation searches in Splunk Enterprise Security.
- Maintain and extend correlation between Asset & Identity and Splunk Enterprise Security.
- Onboard Threat Intelligence feeds and analyze data.
- Provide consultancy to Security Analysts to leverage Splunk effectively.
- Drive operational model transformation of SecOps.
- Identify gaps and develop solutions for continuous improvement.
Qualifications
- Splunk Architect or Consultant certification or proven Professional Services experience.
- Minimum 5 years of experience as a Splunk Architect or higher.
- Experience in designing and implementing Security Operations Centers with Splunk.
- Strong understanding of Splunk architecture components.
- Proficiency in SPL, regular expressions, and data pipelines.
- Knowledge of deployment and version control tools like Git and Terraform.
- Knowledge of security components and cloud providers, preferably OCI.
- Knowledge of SOAR is highly desirable.
- Linux (preferably RHEL) and Windows system administration skills.
- Knowledge of Kubernetes and containerized architectures.
- Understanding of network protocols and infrastructure.
- Ability to troubleshoot independently.
- Excellent communication skills.
Additional Information
We support work-life balance through hybrid and flexible working arrangements. Avaloq values diversity and fosters an inclusive environment where everyone can be their authentic selves. We do not accept speculative CV submissions from recruitment agencies.