Senior SIEM Engineer - Splunk(m/w/x)

## Job Description We are seeking a highly skilled and experienced Splunk Architect with a strong background in Security. The successful candidate will be responsible for designing, implementing, and managing our Splunk infrastructure in a hybrid cloud large scale environment. This position is mainly for Bioggio, Ticino office. **Your key tasks** * Design, implement, and manage the Splunk infrastructure * Deploy and manage Splunk indexer clusters and search head clusters * Performing optimization of existing clustered Splunk deployments * Monitor operations of Splunk platform to enable proactive issue identification, response, and resolution * Integrate Splunk with a wide variety of legacy data sources, industry leading commercial security tools and Cloud Service provider facilities * Build Splunk Technology Add-ons * Build custom script in the following languages (Python, Bash, PowerShell, VBscripts) * Build Splunk apps to be deployed on thousands of Splunk Universal Forwarders * Interact with REST API endpoints * Interact with RBDMS in SQL * Effectively and efficiently onboard data sources, create indexes and data model, create CIM compliant data mapping, establish health monitoring and KPIs * Manage Splunk knowledge objects (Apps, Dashboards, Saved Searches, Scheduled Searches, Alerts. etc..) * Manage Splunk Role Based Access Control * Design and implement Correlation Searches in Splunk Enterprise Security * Maintain and extend correlation between Asset & Identity and Splunk Enterprise Security framework * Onboard Threat Intelligence feeds and correlate with data * Assist Security Analysts providing them consultancy to leverage the Splunk environment * Drive the operational model transformation of SecOps * Identify technology gaps, security gaps, develop solutions and make recommendations for continuous improvement ## Qualifications * Splunk Architect or Splunk Consultant certification or proven Splunk Professional Services experience * At least 5 years of general work experience as Splunk Architect or higher * Experience in designing and implementing Security Operation Center with Splunk * Strong understanding of all Splunk architecture components to include search head clustering, indexer clustering, deployment server and monitoring console * Strong understanding of SPL * Strong understanding of regular expressions and data pipelines * Knowledge of platform and application automated deployment and version control software e.g. (Git, Terraform) within a physical environment * Knowledge of Security components (Firewall, WAF, Vulnerability scanners, etc…) * Knowledge of Cloud Service Providers, preferably OCI * Knowledge of SOAR is highly desirable * Linux system administration skills, preferably RHEL * Windows system administration skills * Knowledge of Kubernetes and containerized architectures * Understanding of network protocols/services and network infrastructures * Ability to troubleshoot, diagnose and solve issues independently * Excellent verbal and written communication skills ## Additional Information We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations. # LI-Hybrid