What you’ll be doing...

Based in Manila, you will be a team member of the Professional Services (Cyber Defense) practice and participate in the delivery of Advanced Security Operation Center (ASOC) and SIEM projects to our clients.

Your tasks will primarily consist of the deployment and administration of Splunk components in a SIEM platform to allow for the creation and operation of various use cases for security incident response management relating to the client’s IT environment. You will be working with a team of cyber security professionals in managing the various technologies used to support our MSS practice and customers.

What we’re looking for...

You will need to have:

  • Bachelor's degree with four or more years of work experience.
  • Four or more years of relevant work experience in IT Security.
  • Experience in the deployment of Splunk components in both project and BAU lifecycle stages of delivery.
  • Experience with automation, capacity planning, performance optimization, benchmarking, configuration management and continuous monitoring and delivery (may include experience using Vagrant, Puppet, Chef and Ansible).
  • Experience in supporting and maintaining a complex multi-cluster Splunk environment used to monitor infrastructure deployed across cloud and on-premise data centers.
  • Experience in Linux and networking is required.
  • Translate cyber security risks to SIEM use cases, using relevant data to increase the effectiveness of threat detection, response and recovery.
  • Champion SIEM automation, orchestration and data infusion utilizing security incidents, vulnerabilities, threat intelligence and other relevant sources.
  • Devise health check strategies for the Splunk components and log source ingestion so that the SOC can perform these checks on a schedule.
  • One or more current Splunk Certifications mentioned below:
    • Splunk Architect or Architect II (preferred)
    • Splunk Certified Administrator
    • Splunk Certified Sales Engineer or higher

Even better if you have:

  • A degree.
  • Knowledge of the data architecture at the Forwarding, Indexing, and Search layers in the Customer environment: which event data is ingested from where, how it gets to where it is stored, and which fields are extracted from it at search time.
  • An excellent understanding of log ingestion and data normalisation on the Splunk platform.
  • Understanding of enterprise systems administration (Linux preferred) and/or enterprise networking. Knowledge of protocols like TCP/IP, DNS, HTTP, and SMTP.
  • Ability to perform complete Splunk environment installs.
  • Experience in configuration management used by the Splunk admin team, and, where possible, contribute to configuration changes.
  • Ability to identify when a Splunk event type is not ingested correctly from a Cyber Security Use Case perspective and how to fix the issue (e.g. UF, HF, TA).
  • Ability to validate that a log has been ingested correctly within Splunk and can be used by the aSOC when referring to current and future Cyber Security Use Cases.
  • Ability to devise health check strategies for the Splunk components and log source ingestion so that the SOC can perform these checks on a schedule.
  • Problem-solving and communication skills.

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.