Senior Splunk Specialist

Avaloq Asia Pacific Pte Ltd
Singapore, Singapore
Dec 30, 2022
Jan 01, 2023
Job Function
Industry Sector
Finance - General
Employment Type
Full Time
Company Description

Writing the future. Together.

Avaloq is a value-driven, fast-paced financial technology and services company, and we are committed to developing the banking solutions of tomorrow.

By joining Avaloq, you'll become a key part of our effort to power the digital transformation of the financial services industry. Our ambition is big and bold - to provide full end-to-end digital solutions by combining our leading efficiency with a flexible, responsible digital user experience. Headquartered in Zurich, Avaloq has over 2,000 employees globally. More information is available at .

Job Description

Your team
You are part of the Security Operations team within the Chief Information Security office at Avaloq. Your team supports the security systems and processes across APAC to protect our internal and external clients. The team is responsible for administering security systems, developing security standards, managing and resolving security incidents, and providing guidance on security matters, among others. We collaborate with cybersecurity teams and specialists spread out globally across Avaloq and are thoroughly excited by the challenges that come our way.
In this position, you will focus on the management and operation of our Splunk Cloud and on-premises infrastructure. Additionally, you will help the team identify, analyze, and create responses to cyber security threats. This also includes the incorporation of adequate threat intelligence feeds, onboarding of new log feeds, creation of new use cases and integration of various security processes and tools. You will work closely with our suppliers in the service chain for security monitoring.
You can expect a demanding and complex international environment, which is highly stimulating and encouraging. The international growth of the company demands your structured and innovative approach, as well as flexibility to a high degree. As a committed team player, you will support developing the maturity of the security operations, its controls, tools, and processes.
Your Mission:
  • Lead, maintain and expand the DevOps cycle of our Splunk Cloud and on-premises infrastructure
  • Create and fine-tune use cases and reports
  • Onboard new log feeds
  • Lead threat intelligence integration and optimization
  • Assist the security analysts in investigations
  • Participate in the security operational risk management activities as part of the Enterprise Risk Management to identify threats and institute appropriate security programs.
  • Support and maintain the APAC's Information Security Management System (ISMS) to assure continuous compliance with regulations, laws, and contractual obligations by adopting and deploying industry and market standards and accepted best practices.
  • Support the team's operations with weekend and on-call support as required.

What you need:
  • Solid know-how of Splunk Enterprise Security
  • Minimum 3 to 5 years of experience in a similar role, i.e., in a combination role of security risk, information security and IT.
  • Fluent in English (both written and verbal)
  • Proven experience in Cloud DevOps
  • Proven experience in developing scripts (Bash, Python, PowerShell, etc.) and custom Splunk applications with REST API to support data collection and integration
  • Ability to write complex data extraction SPL queries using regular expressions over structured and unstructured data
  • Strong understanding of Data Models and CIM compliance
  • Experience in:
    • managing Splunk Search Heads & Indexer Clusters
    • deploying Splunk configurations across Splunk forwarders
    • managing access controls over LDAP or similar authentication methods
    • developing searches, reports, and dashboards
    • managing upgrades for Splunk clustered infrastructure
    • troubleshooting and identifying performance issues/bottlenecks in both Splunk and infrastructure
    • creating predictive and anomaly detection leveraging the Splunk Machine Learning Toolkit.
You will get extra points for the following
  • Splunk Certifications (Administration & Architect)
  • Information and Cyber Security certificates like CISSP, OSCP, SANS, CREST or similar.
  • AWS Certifications (Solutions Architect / DevOps Engineer)
  • Working experience with management of threat intelligence feeds, vulnerability scanners and security analysis tools.
  • Proven experience with SQL (Oracle, DB2, PostgreSQL, etc.)
  • A strong motivation to work in Cyber Security
  • Practical experience in security orchestration and automation (SOAR)
Additional Information

Now let's talk about perks and compensation
We offer high flexibility with regard to working models (e.g. part-time and home office models are possible depending on business requirements). Our base salaries are competitive and if you prove to be a superstar, you might even be entitled to an extraordinary achievement reward. Avaloq aims to share its success with all its employees by paying out "Success Share Units" depending on its performance in a given year.
At Avaloq we embrace diversity, we embrace difference. We are whole-heartedly committed to equal employment opportunities and we foster an inclusive culture where everyone's contributions are valued and their voices are listened to. We hire, compensate and promote regardless of origin, age, sexual orientation, gender identity or any other fascinating characteristics that make us different. Please note that our job descriptions are intended to be written in an inclusive and gender-neutral language.

Don't be shy - apply!
Please only apply online, preferably with pdf documents.
Note to Agencies: All unsolicited résumés will be considered direct applicants and no referral fee will be acknowledged.