Your Mission
As part of our Managed Detection and Response department, your mission will be to help us provide best-in-class services to our clients as they run. By supporting clients in the management of their security devices, with a focus on Splunk administration, and by continuously improving our processes and operations capabilities, you will be helping make our customers' lives more secure.
Your Responsibilities will be to:
Manage the configuration and monitor the health of customers' security devices. You will do this by acting as the main escalation point, attending to client requests such as service requests, change requests or operational incidents in a timely manner.
Follow vendors' roadmaps to best leverage the platforms' new features, define the upgrade strategies for devices and ensure the proper rollout to customers
Serve as the subject matter expert for other teams internally in order to help drive continuous improvements and new services implementations
Participate in the effort of building and maintaining Standard Operating Procedures to manage security devices or to empower Tier 1 and 2 analysts
Build up and maintain an in-depth knowledge of our products and services portfolio
Perform periodic on-call duties for device management escalations
This role involves:
Understanding the customer’s business and providing guidance accordingly.
Frequent contacts with customers in both technical and managerial areas.
Internal transversal interactions with various groups (Operational Analysts, Security Device Engineers, Integration Engineers, DevOps Engineers…)
Your aim is to play an active role in helping Kudelski Security to provide customers with the best experience through their journey into our Managed Detection and Response service and ultimately make our customers' lives more secure.
Ideal Background:
An engineering degree in technology / computer science or equivalent.
Proven experience in a client-facing role.
Proven experience in Splunk administration.
Proven experience in Windows, Linux and Network administration.
Technical competencies:
Expert Splunk Administration:
* Installing and configuring Splunk instances.
* Integrating various data sources into Splunk.
* Optimizing and monitoring for performance and scalability.
* Creating and managing security monitoring dashboards, alerts, and reports in Splunk.
* Troubleshooting and resolving Splunk-related issues.
Windows Server administration experience, including:
* Installation, configuration, roles and features
* Active Directory administration
* GPO management and troubleshooting
* Familiarity with MSSQL, WEC
* Backup and recovery
* PowerShell
Linux Server Administration experience, including:
* At ease with installing and configuring different distributions
* Management of file system, permissions, users, groups
* Updating and patching
* Core services such as SSH, FTP, NFS, SELinux
* Familiarity with Rsyslog
* Backup and recovery
* Bash
Understanding of Network tools & protocols:
* Internet basics: TCP/IP, HTTP, DNS, Syslog, SNMP
* Tools: tcpdump, Wireshark
An in-depth understanding of the information security industry forces and trends.
The following are not required but are a plus:
Scripting languages (e.g. Python)
Automation and configuration management tools like GitLab, Ansible
Other SIEM solutions (Elastic, Sentinel, LogRhythm)
CISSP/CISM/CCSP/ITIL and other general cybersecurity certifications
Technical certifications from aforementioned vendors
Finally, you are:
A team-player willing to iterate on our internal processes to improve the team’s efficiency
At ease with solving complex problems
Dynamic, with strong interpersonal and communication skills
Autonomous, self-taught and transparent
Able to handle and prioritize parallel tasks with multiple interfaces
Fluent in English (Spanish or any other languages are an asset)
Join us and be part of a rapidly growing company with locations in Spain, Switzerland and the United States. We leverage our unique history of innovation and engineering with a pragmatic view of client security, to adopt a different approach to cybersecurity and help change the security paradigm. When you join us, you'll be part of an industry leader that has a tremendous impact on how our clients approach cybersecurity strategy.
If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.