Principal CyberSecurity Engineer (Splunk)- Remote
Company: CareFirst BlueCross BlueShield
Location: Owings Mills
Posted on: March 19, 2023
Resp & Qualifications
Develops and implements security solutions. Administers security technology systems by architecting and engineering/developing trusted systems into secure systems.
Assists in the development of implementation and deployment plans that are aligned to the organizational strategic plan objectives and security requirements. Advises management in developing cybersecurity policies, processes, and procedures.
Provides day-to-day leadership to engineers overseeing the support of security solutions.
Works with architects and project managers to provide security requirements.
Mentors, educates, and coaches engineers and leaders across the organization on cybersecurity solutions.
Answers complex questions about the installation, operation, configuration, and customization of cybersecurity solutions.
Identifies and resolves potential conflicts with the implementation of any cybersecurity tools.
Reviews and analyzes appropriate solution system logs for performance and functional anomalies.
Develops information systems security action plans, evaluates information security products, and performs other activities necessary to secure the organization's network.
This position has no direct reports, however, may informally lead teams in a matrix environment.
Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Splunk Certified Developer
Splunk Enterprise Security Certified Admin
CISSP Certified Information Systems Security Professional Upon Hire Required OR Certified Ethical Hacker (CEH) Upon Hire Required OR CompTIA Security+ Certification Required OR CompTIA Network+ Certification required
Experience: 10 years relevant IT security experience
Knowledge, Skills and Abilities (KSAs)
Responsible for creating Splunk ES (Enterprise Security) Security Information and Event Management (SIEM) content to monitor and detect potential threats to the enterprise.
Responsible for SIEM content management, content creation, rule tuning, reporting and alert creation.
Integration of signals and telemtry from various security tools including COTS and Cloud-native (AWS, GCP, Azure).
Work with Splunk engineers to onboard and normalize new data sources ensuring CIM compliance.
Significant experience with threat detection and threat hunting workflows.
Significant experience with Incident Response procedures.
Significant experience in security data analytics.
Significant experience with data models - existing Splunk data models as well as, creation and tuning of data models from the ground up.
Experience with Splunk Machine Learning Toolkit (MLTK).
Will work closely with the CyberSecurity Monitoring and Automation teams to develop requirements and implement detections.
Develop complex dashboards and visualizations.
Develop alerting and notification.
Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.
Department: InfoSec - CyberSecurity Engineer
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship
Resp & Qualifications
Keywords: CareFirst BlueCross BlueShield, Baltimore , Principal CyberSecurity Engineer (Splunk)- Remote, Engineering , Owings Mills, Maryland
here to apply!