Security Analyst / Engineer (IAM & Splunk)

The Fountain Group
Charlotte, United States of America
5 days ago

Role details

Contract type
Temporary to permanent
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior
Compensation
$ 113K

Job location

Remote
Charlotte, United States of America

Tech stack

Agile Methodologies
JIRA
User Authentication
Cloud Computing
Computer Security
Identity and Access Management
Information Model
Platform as a Service (PAAS)
Role-Based Access Control
Data Logging
Software Security
Splunk

Job description

The Security Engineer will be responsible for Highly Privileged Access (HPA) Logging and Monitoring. This role partners closely with our technology teams to onboard applications to the Monitoring Framework which includes determining the applications logging capabilities through the discovery process and onboarding the applications to Splunk.

In addition, the IAM team is leading an initiative to enhance the implementation of a system that identified secret keys across our environment and reports on secrets that are approaching or beyond the required secret key rotation date, based on requirements in our standards. The IAM Security Engineer will be responsible for understanding test cases, executing testing of functionality, and identifying/reporting defects throughout development., * Facilitate discovery and engagement with application owners.

  • Conduct interviews, working sessions, and document onboarding.
  • Document and escalate risk mitigation plan for apps that cannot onboard.
  • Coordinate troubleshooting efforts when preparing apps for onboarding.
  • Report ongoing status and raise required escalations.
  • Analyze log data to identify relevant log events to map to Splunk data models.
  • Develop Splunk technology add-ons to properly parse, event type, and tag application security data.
  • Test and quality assure Splunk configurations (e.g., confirm appropriate events are in logs and properly mapped to Common Information Model, confirm Splunk standards are followed).
  • Release apps to production Splunk team.
  • Develop and execute test plans and cases for new application functionality
  • Collaborate with developers to reproduce and troubleshoot issues
  • Maintain detailed test documentation

Requirements

  • A total of 3 years working experience with a Bachelors Degree, and 5+ years of working experience in lieu of a degree with a minimum of 1 years engineering and/or architecture experience in IAM or adjacent InfoSec domains, such as Data Protection or Security Engineering.
  • A minimum of 1-year hands-on experience with IAM technologies.
  • Understanding of Splunk Cloud and Splunk Processing Language (SPL).
  • Experience working in a cloud (PaaS) environment.
  • Knowledge of foundational IAM concepts - Authentication, Authorization, RBAC, etc
  • Exceptional written and verbal communication skills.
  • Ability to prioritize work efforts based on risk and project timelines.
  • Experience working in Agile methodology, leveraging Jira and Jira Align preferred.

Apply for this position