What you’ll be doing...

The Principal Splunk Content Developer is part of the Verizon Threat Management Center (TMC), protecting Verizon against cyber threats. This role will serve as a chief engineering resource responsible for the care and development of content for the Splunk platform. This includes, but not limited to: data modeling, creating custom dashboards, writing uses cases, and runbooks. The Principal Engineer will work closely with the various internal towers as well as cross-organizational teams on design, content, and facilitating the use of the system.

An ideal candidate will be active in the threat intelligence community, and be able to apply that knowledge to shape Verizon’s security posture. The Principal Engineer will also need to be “Big picture” thinking coupled with deep technical knowledge and the ability to perform hands-on security content development and analytical tasks. They need to be able to understand and solve business problems while managing associated risks and compliance requirements.

Major Responsibilities include:

  • Performing day to day activities of the Content Team, including
    • Supporting, developing, executing testing of new content rules,
    • Creating signature, behavioral, and statistical content for the TMC
    • Adding, changing, and removing rules
    • Documenting additions, deletions, and modifications of content rules.
  • Production and update of all ‘content’ related information in security platforms (SIEM, Deep Packet Inspection, End Point Security tools).
  • Maintaining direct and regular interaction with the TMC and organizational stakeholders to enhance content across the platforms, and mature the security program, based on risk posture, threat landscape, and changing business requirements.
  • Develop and Deliver regular training sessions for the TMC on content
  • Working with cross-organization teams to evaluate the quality of provided data sources and recommending improvements to the sensing capabilities and coverage.
  • Working with the other security functions to identify and apply Cyber Threat Intelligence from internal and external sources to the existing Content Library.
  • Supporting the technical security and engineering design review for proposed IT infrastructure changes, and understanding how these changes drive adjustments across the content process.
  • Identify manual work drivers, and make recommendations / solutions on how to automate those tasks.
  • Potentially perform additional support responsibilities as needed.

What we’re looking for...

You’ll need to have…

  • Bachelor’s degree or four or more years of work experience.
  • Six or more years of relevant work experience

Even better if you have…

  • 5+ years working within the information security field with emphasis on security content development, SIEM platforms, and security event and incident analysis
  • 5+ years of strong hands-on experience with SPLUNK ES, including development of content, ingestion of feeds, and other platform administration functions
  • 5+ years of scripting / programming languages
  • Direct Experience integrating SIEM with other security platforms / ticket systems
  • Ability to convey a strong presence, professional image, and deal confidently with complex technical problems
  • Ability to present information / content to executives
  • Ability to drive process improvements and identify gaps
  • Proactive in engaging with customers, client executives and other Verizon teams
  • Ability to excel in a team, as an individual, in a fast-paced deadline driven organization
  • Bachelor’s Degree in relevant field
  • Professional certifications to include CEH, CISSP, SANS GCIA, or CISM
  • Experience with other SIEM technologies (e.g. ArcSight),
  • Experience with security products (e.g Crowdstrike, Threatstream)
  • Expertise in investigating and quantifying long running trends in the enterprise environment
  • Knowledge of working with analysis of security and user behavioral patterns within a corporate environment
  • Experience working in a customer facing role, preferably financial services oriented, or internal experience at a financial services institution
  • Preferably, 7+ years of experience within the information security field

22CyberOPS

When you join Verizon...

You’ll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America’s fastest and most reliable network, we’re leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we’re about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.