NewYorkRecruiter Since 2001
the smart solution for New York jobs

Splunk Detection Engineer

Company: Fiserv, Inc.
Location: Berkeley Heights
Posted on: May 28, 2023

Job Description:

Calling all innovators - find your future at Fiserv.

We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.

Job Title
Splunk Detection Engineer

Job Purpose

What does a successful Cyber Detection Engineer do at Fiserv?

As a member of Fiserv's Cyber Security Detection Engineering (DE) team, the Cyber Detection Engineer will develop and build content used for SOC monitoring of security content. The detection engineer will use a wide variety of tools and will need to be familiar with many of the core data sources that are used to build that content. The successful candidate will focus on creating viable content for use cases, reporting and visibility within the Cyber Security environment.
The successful candidate will perform validation functions such as data review, log analysis, and content build processes, and will be responsible for consistent roadmap delivery and maturity of all content, reporting and metrics associated with the development process. The candidate will join a team of content developers, incident analysts and incident handlers and will have an opportunity to participate in a number of global cyber security initiatives focused around SIEM and SOAR development.

Candidates should have a basic understanding of incident response processes, cyber security related data sources such as end-point detection tools, network-based detection, relevant cyber security attacks, and other security relevant content sources. The candidate will also need to be comfortable with a scripting language such as Python. This position requires that the candidate be a US Citizen.

What you will do:

  • Build, design, and maintain underlying data models and content structure to support fully functional Splunk Enterprise Security (ES) as a detection and response platform.
  • Administer custom data importing, parsing, and tagging of data sources, and understand the need for data sources and proper data elements in order to ingest logs relevant for cyber event detection.
  • Creation and development of detection content using data science and correlation to associate disparate cyber security events into meaningful detections of adverse/malicious behaviors within the environment.
  • Manage the preparation and presentation of cyber security metrics, relating to Cyber Security Operations functions.
  • Executive and tactical reporting on Detection Engineering projects and efforts, with emphasis on time-based engineer

What you will need to have:

  • Must meet requirements to obtain & maintain 6C GOVT Clearance / Certification
  • Bachelor's degree or equivalent program in technology fields, Information Security, or Information Technology (or equivalent work experience).
  • Experience designing and implementing ground-up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.)
  • Experience building and maintaining rules, offenses, dashboards, reports, apps, playbooks, integrations and other content using Splunk ES
  • Proficiency in building data models which support the SIEM function within Splunk ES
  • Excellent Linux and Windows administrative knowledge. Experience working with APIs to perform basic automation and integration tasks
  • Experience with enterprise security technologies, EDR, IDS/IPS, vulnerability scanners, configuration management, and their applicability in SIEM SOC processes.
  • Experience with coding and scripting in languages such as Perl, Python, Bash, JavaScript, and others is desirable.
  • Strong Ansible, Terraform, Git, Chef, Puppet, and/or other automation technologies and their use with Splunk

What would be great to have:

  • Splunk Enterprise Security Implementation/Admin Certifications
  • Industry standard certifications such as CISSP and GCIH/GMON are desirable.

Learn more about Fiserv:

To support the total well-being of our associates, Fiserv takes a broad approach to our benefits. We offer a comprehensive benefits package that provides flexibility and affordability with a variety of medical, dental, vision, life insurance and disability options.

We are #FISVProud of our benefits and well-being programs. Our commitment to wellness, wellness education, preventive services and fitness activities are designed to meet you where you are.

Life moves fast. And as it does, we know most people aren't thinking about "financial services". But we are.

We help people and businesses move money and information every minute of every day. Our solutions connect financial institutions, corporations, merchants and consumers to one another, millions of times a day, behind the scenes, reliably and securely.

We're Fiserv, a global leader in Fintech and payments enabling innovative financial services experiences that are in step with the way people live and work today. The company's approximately 44,000 associates proudly serve clients in more than 100 countries, so their customers, members and consumers can move money when and where they need it, at the point of thought.

Our Aspiration is to move money and information in a way that moves the world. As a FORTUNE 500 company and one of FORTUNE Magazine World's Most Admired Companies for the seventh consecutive year, we are committed to excellence and purposeful innovation.

We welcome and encourage diversity in our workforce. Fiserv is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Explore the possibilities of a career with Fiserv and Find Your Forward with us.


This role is not eligible to be performed in Colorado, California, New York or Washington.

Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.

Thank you for considering employment with Fiserv. Please:

  • Apply using your legal name
  • Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).

What you should know about us:

Fiserv is a global fintech leader with 40,000-plus (and growing) associates proudly serving clients in more than 100 countries. As a FORTUNE 500 company, one of Fast Company's Most Innovative Companies, and a top scorer on Bloomberg's Gender-Equality Index, we are committed to excellence and purposeful innovation.

Our commitment to Diversity and Inclusion:

Fiserv is an Equal Opportunity Employer, and we welcome and encourage diversity in our workforce that reflects our world. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by law.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Warning about fake job posts:

Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information.

Any communications from a Fiserv representative will come from a legitimate business email address. We will not hire through text message, social media, or email alone, and any interviews will be conducted in person or through a secure video call. We won't ask you for sensitive information nor will we ask you to pay anything during the hiring process. We also won't send you a check to cash on Fiserv's behalf.

If you see suspicious activity or believe that you have been the victim of a job posting scam, you should report it to your local FBI field office or to the FBI's Internet Crime Complaint Center.
