
Splunk Cloud Engineer (Remote)


Date: Aug 30, 2022

Location: Charlotte, NC, US, 28216

Company: Corning

Requisition Number: 53040

 

Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end-to-end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT-enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost-efficient manner to Corning worldwide.

This role can be performed virtually.

 

Scope of Position: As a key member of this team, you will be part of a highly collaborative environment that provides tremendous opportunity for growth. You will support a global security initiative to design, build, implement, and maintain a security-focused Splunk environment. You will work closely with engineers across the company, and directly interface with our cyber threat analysts to understand their mission and capabilities. You will function as a Splunk SME for the company, leveraging your expertise to provide solutions that meet customer needs, including the development of Insider Risk content, and developing a strong Splunk skillset across the team.

 

Responsibilities:

Partner with cyber threat analysts and other Splunk stakeholders to develop practical solutions that meet their needs
Support the Insider Risk program with the development of insider threat Splunk content
Develop and continually evolve Splunk content that supports the cybersecurity and operations missions
Contribute to the design and creation of new detection techniques, and to the improvement of existing ones
Support the full system engineering lifecycle of the Splunk environment, including requirements analysis, design, development, and system integrations
Support the creation and maintenance of documentation and diagrams of the Splunk architecture and environment
Function as a Splunk SME and coach to develop strong Splunk skills across the Cybersecurity Operations organization
Provide on-call support for incident response efforts outside of core hours as needed
 

Education and Experience:

4+ years of Splunk engineering experience
Relevant certifications: (CompTIA Security+, Splunk Core Certified User, Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin, AWS Certified Solutions Architect, etc.)
 

Required Skills:

Demonstrated on-the-job experience integrating and correlating large sets of data (syslog, security events, etc.)
Ability to prepare, process, analyze, and visualize significant amounts of events from multiple data sources while keeping the big picture in mind
Proficiency and demonstrated experience managing/deploying large-scale distributed Splunk environments
Proficiency and demonstrated ability working with Splunk Enterprise Security
Proficiency and demonstrated experience on-boarding new data, including custom parsing rules and CIM
Experience with Virtualization Platforms (Hypervisor, vSphere, etc.)
Demonstrated critical-thinking mindset and problem-solving skills
Effective communicator, with the ability to report complicated security events at a comprehensible level for all levels of leadership
Excellent written and verbal communication skills, with the ability to process and present complex information
 

Preferred Skills:

Experience with Cloud technologies and environments (Azure, AWS, etc.)
Experience with Incident Response and associated tools/technologies (IDS, IPS, SIEM, etc.)
Experience with networking (TCP/IP, topology, sockets, and security), operating systems (Windows and Linux), and web technologies (firewalls, proxies, etc.)
Experience with configuring Splunk Enterprise Security dashboards
Experience with configuring Splunk Enterprise Security customer queries, alerts, and rules
Previous experience in a cybersecurity-oriented role (threat analyst, incident responder)
Experience with standard security principles, policies, standards, and industry best practices
 

Travel Requirement: Up to 10%

 

This position does not support immigration sponsorship.


 

We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.

 

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.


Nearest Major Market: Charlotte