Key Accountabilities:
The role's main responsibility, as a Subject Matter Expert (SME) on Splunk, is the day-to-day management, deployment and configuration of indexers, forwarders, search heads, etc. on a large-scale Splunk deployment. This includes onboarding new log sources, gathering use cases from the customer, and configuring and tuning the deployment to match customer requirements, as well as updating documentation to reflect the current operating environment. The role also covers platform management, administration and day-to-day support activities, including monitoring the environment with performance tools, maintaining optimal configuration and managing technical policy.
• Security monitoring practices
• Security signature generation methods and techniques
• Creating and maintaining LaaS content, including reports, dashboards, rules and alerts, to assist in threat detection, reporting requirements and efficient event monitoring.
• Create technical documentation covering operations, procedures and content.
• Monitor the health and performance of the LaaS platform and work with supporting teams to advise on required actions.
• Work with various teams to resolve issues that may arise with log sources, LaaS host patching, connectivity, etc.
• Coordinate escalations to internal teams to ensure timely delivery of incident resolutions.
• Work with the vendor for support and troubleshooting.
• Event flows (e.g. Syslog)
• 7 to 10 years of relevant experience, with a minimum of 5 years of work experience in configuring, implementing and administering security tools and delivering security services. Experience must include implementation and configuration management of multiple security tools and delivery of security services in large enterprise environments. (Ideally 3 years' experience with Splunk, administering the tool rather than using it as an analyst.)
• Good written and verbal communication skills; the role involves working with a lot of management and interacting with various people day to day.
• Analytical thinker: able to find opportunities for improvement and efficient management of the system.
• Large-scale deployment experience
• Network design and operation
• Familiarity with Hadoop and database technologies
• Unix or Linux shell environments
• Experience working in a corporate enterprise environment
• Proficient in technical writing and communication
• Prior participation in, and responsibility for, a 24×7 on-call schedule for technical support.
• Knowledge of regulatory and compliance-driven processes and activities that ensure enterprise compliance with internal policies and regulatory requirements.
• Experience with defining, generating and operationalizing security metrics.
• Excellent oral and written communication skills required.
• Familiarity with enterprise security tools such as IDS/IPS, anti-virus, malware gateways, messaging servers, firewalls and Internet proxies
• Active Directory/LDAP
• Security Information and Event Management (SIEM)
• Log management tools (e.g. Splunk/ArcSight)
• Three-tiered application model
• Cloud computing
• Virtualization
• Prior financial services institution experience is a plus
• Completion of a Bachelor's degree or equivalent program in Computer Science, Management Information Systems or a similar field is strongly preferred
• Security certification such as CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA Security is nice to have
