Sr. Security Analyst, Security Delivery

**Our Culture**:
At STS we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the STS family.

**Duties and Responsibilities**:

- Building, running, and managing the day-to-day operations of the security operations center, Investigating incidents, and lead response efforts as applicable and when needed.
- Creation of technically detailed reports on the status of the SIEM to include metrics on items such as a number of logging sources.
- Working alongside the SOC Unit Team and Automation Unit team for configuring, maintaining, tuning, and enhancing the SIEM platform.
- Responsible for the investigation - log and network forensics to identify leads.
- Support security engineering requirements for projects, transitions, and transformations
- Design and implement solutions to address business problems in various industry verticals.
- Experience with implementing and administering Splunk.
- Maintain engineering and security documentation, and assist customers in fully optimizing the SIEM system capabilities the audit and logging features of the event log sources.

**Requirements**:

- B.S. in Computer Science or equivalent
- 5+ years of experience in information system architecture methodologies, or an equivalent combination of education and work experience.

**Technical**:
**Must have**:

- Experience in design, implementation, and support of Splunk (Indexers, Forwarders, Search-Heads Setup etc), FortiSeim & Sentinel SIEM
- Experience with implementing and administering Splunk.
- Good understanding with virtualization technologies (Hypervisor, VMware, etc)
- Apps/Dashboards for license usage and Application errors.
- Experience with Linux and Windows agents for Splunk administration with a solid understanding of the Splunk system.
- Ability to create operations documentation for maintaining the Splunk infrastructure.
- Identifying bad searches/dashboards and partnering with the creators to improve performance.
- Troubleshooting Splunk performance issues / Opening support cases with Splunk.
- Monitor the Splunk infrastructure for capacity planning and optimization.
- Troubleshoot log feeds, field extractions, search time, etc.
- Restrict access to sensitive logs/data
- Experience in onboarding new data, Inputting new information, Creating new dashboards, Extraction info through Splunk
- Report generation and customization

**Requirements**:

- Splunk Admin Certification or higher
- Experience with databases.
- Has a broad experience from either a development or operations perspective
- Drive complex deployments of Splunk dashboards and reports while working side by side with the customers to solve their unique problems across a variety of use cases
- Assist internal users of Splunk in designing and maintaining production-quality dashboards.
- High skills in writing High level documentations.

**Non-Technical**:
**Must have**:

- Analytical and problem solving skills.
- Strong written and verbal communication skills.
- Ability to work effectively under pressure with constantly changing priorities and deadlines.
- Experience working with team members in multiple site locations
- Ability to work independently and as a team member.