SIEM Engineer at JPMorgan Chase Bank, N.A. (Plano, TX)
Location: Plano, TX
Type: Full Time
Created: 2021-10-11 05:00:53
JPMorgan Chase is looking for a candidate with solid SIEM experience and can work collaboratively with other SIEM engineers and diverse end users. Candidates will architect, implement, and use Splunk solutions to integrate data feeds and create content in a distributed computing environment. This role requires the ability to architect and implement SIEM solutions in support of cybersecurity analysts and data scientists. The focus of this role is primarily on developing, maintaining, enhancing and automating SIEM in a large scale environment deployed on systems running on Linux and Windows platforms.
Responsibilities * Architect, engineer, implement, and administer SIEM solutions in a highly available, redundant, distributed computing environment. * Perform SIEM/Splunk component deployment, configuration and troubleshooting across a variety of platforms both on-premises and in public clouds. * Optimize the operation and performance of Splunk Indexers, Search Heads and Forwarders and other SIEM related technologies used for Cyber Defense. * Integrate data feeds (logs) into SIEM/Splunk from on-premises and cloud deployed devices and applications. * Develop SIEM content and support other content developers using your expert knowledge of SPL. * Support and enhance cutting-edge machine-learning-based security analytics Splunk applications deployed on Splunk Enterprise Security. * Monitor Splunk internal logs to identify and resolve potential performance issues * Automate frequently used process and work flows with scripts and programs utilizing your development skills. * Create technical documentation including SOP's and design documents related to system configurations, processes, and procedures.
Requirements * BS/BA degree or equivalent experience. * 5+ years of IT experience in a technical position as an engineer, architect or system administrator within a large scale mission critical enterprise environment. * 5+ years of direct hands-on experience installing, configuring and administering SIEM tools. * Proficiency with Linux platforms, including shell scripting. Red Hat preferred. Bash preferred. * Experience deploying, configuring and maintaining Splunk at scale. * Experience writing complex SPL queries for dashboards, reports and apps. * Experience developing custom Splunk apps for end users. * Experience automating repetitive and error prone operations with scripting languages. * Working knowledge of network infrastructure components (switches, routers, firewalls, proxies, load balancers, etc.) * Team oriented with great communication and interpersonal skills. * Ability to work on all aspects of large-scale projects including planning, prioritizing, executing, delivering, and sustaining. * Experience working in an Agile environment using Scrum or Kanban methods.
Preferred/Desired Skills * Certified Splunk Power User, Administrator, Architect and/or Architect II * Experience with additional logging/data pipeline technologies such as ELK, LogStash, Spark, Kafka, Fluentd, AWS Kinesis, etc. * Experience deploying and developing content for Splunk Enterprise Security. * Experience automating workflows with Splunk Phantom.
* Profession experience developing software using C#, Java, Python or similar languages. * Experience developing for and deploying to Public Cloud, AWS preferred. Certification a plus. * Working knowledge of machine learning concepts and experience with one or more ML platforms or toolkits.
JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.
Equal Opportunity Employer/Disability/Veterans