Principal CyberSecurity Engineer (Splunk)- Remote

CareFirst
Owingsmills, MD
27 Feb 2025

Vacancy expired!

Resp & Qualifications

PURPOSE:Develops and implements security solutions. Administers security technology systems by architecting and engineering/developing trusted systems into secure systems.Assists in the development of implementation and deployment plans that are aligned to the organizational strategic plan objectives and security requirements. Advises management in developing cybersecurity policies, processes, and procedures.

ESSENTIAL FUNCTIONS:
  • Provides day-to-day leadership to engineers overseeing the support of security solutions.
  • Works with architects and project managers to provide security requirements.
  • Mentors, educates, and coaches engineers and leaders across the organization on cybersecurity solutions.
  • Answers complex questions about the installation, operation, configuration, and customization of cybersecurity solutions.
  • Identifies and resolves potential conflicts with the implementation of any cybersecurity tools.
  • Reviews and analyzes appropriate solution system logs for performance and functional anomalies.
  • Develops information systems security action plans, evaluates information security products, and performs other activities necessary to secure the organization's network.

SUPERVISORY RESPONSIBILITY:This position has no direct reports, however, may informally lead teams in a matrix environment.

QUALIFICATIONS:

Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR inlieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications:

Splunk Certified DeveloperSplunk Enterprise Security Certified Admin

CISSP Certified Information Systems Security Professional Upon Hire Required

ORCertified Ethical Hacker (CEH) Upon Hire Required

OR CompTIA Security+ CertificationRequired

OR CompTIA Network+ Certification required

Experience: 10 years relevant IT security experience

Preferred Qualifications:
  • Advanced degree

Knowledge, Skills and Abilities (KSAs)
  • Responsible for creating Splunk ES (Enterprise Security) Security Information and Event Management (SIEM) content to monitor and detect potential threats to the enterprise.
  • Responsible for SIEM content management, content creation, rule tuning, reporting and alert creation.
  • Integration of signals and telemtry from various security tools including COTS and Cloud-native (AWS, Google Cloud Platform, Azure).
  • Work with Splunk engineers to onboard and normalize new data sources ensuring CIM compliance.
  • Significant experience with threat detection and threat hunting workflows.
  • Significant experience with Incident Response procedures.
  • Significant experience in security data analytics.
  • Significant experience with data models - existing Splunk data models as well as, creation and tuning of data models from the ground up.
  • Experience with Splunk Machine Learning Toolkit (MLTK).
  • Will work closely with the CyberSecurity Monitoring and Automation teams to develop requirements and implement detections.
  • Develop complex dashboards and visualizations.
  • Develop alerting and notification.
  • Experience with a variety of scripting languages such as CSS, HTML, JavaScript, Python, PowerShell and shell scripting to automate tasks and manipulate data.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

Department

Department:

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

#LI-LD1
  • ID: #49372267
  • State: Maryland Owingsmills 21117 Owingsmills USA
  • City: Owingsmills
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2023-02-27
  • Deadline: 2023-04-27
  • Category: Et cetera