Information & Event Management Engineer
San Antonio, TX 78216
Our client has been recognized as one of the Best Companies to Work for in Texas and has an exciting opportunity for the right individual to join an energetic and seasoned team, with an established and expanding national firm.
Headquartered in San Antonio, our client is a diversified financial services company providing a wide range of insurance, mortgage, and investment services to financial institutions, businesses, and individuals. With offices across the country, our client is committed to providing quality products, outstanding service, and customized solutions in all 50 states.
Serves as a subject matter expert responsible for implementing and managing the Company's information and event management strategy. Leads an enterprise-wide program to consolidate, manage, and report on logs, events, and alerts from interconnected private and public cloud systems and applications. Leverages log management software platforms and cloud-based services to provide visibility into the security, performance, and availability of critical infrastructure and applications. This includes, but is not limited to, Splunk administration; Elasticsearch, Logstash, and Kibana (ELK) configuration; native public cloud log solutions; and SIEM maintenance. Supports information security and operations team reporting requirements and administers on-premises and public-cloud-hosted log management and analysis platforms. Supports teams within a collaborative environment that follows security-development-operations (SecDevOps) and site reliability engineering (SRE) practices. Flexibility in working on multiple technical projects with several development and infrastructure teams is essential.
- Configures log sources, performs log analysis, initiates responses to events, coordinates long-term storage resources, and plans for disaster recovery. Ensures availability, integrity, optimal configuration, and performance of log solutions. Develops dashboards and reports for application health and performance intelligence to provide a deep understanding of baseline performance, deviations, and alerting thresholds for incident response.
- Collaborates and consults with cloud, application, and system architects, administrators, developers, software engineers, and operations teams to develop, implement, and maintain an effective log management environment inclusive of private and multiple public cloud environments.
- Ensures relevant log sources are identified and consolidated into repositories to support operational, security, and compliance requirements. Maps logs and related alerts to applications to provide a single view of events and information for critical applications. Correlates logs to improve and optimize SIEM deployment and alerting.
- Uses application programming interfaces (APIs), web services, and cloud-native log services to integrate and collect logs for storage in a central repository. Develops dashboards and leverages tools to mine data in support of operational and security priorities.
- Manages public and private cloud log environments; checks for upgrades and patches to logging software, then acquires, tests, and deploys them according to a strict change management protocol (e.g., administers Splunk indexers, forwarders, search heads, users, storage, source types, apps, and alerts). Ensures log sources are synchronized to a common time source.
- Monitors the logging status of all log sources, log rotation, and archival processes for public and private cloud environments. Configures and optimizes current logging configurations (e.g., search heads/search head clusters, deployment server, and event dashboards).
- Develops and re-configures logging as needed based on policy changes, technology changes, compliance, or other factors.
- Maintains appropriate disaster recovery plans and strategies to assure high availability of the logging environment. Documents and reports anomalies in log settings, configurations, and processes, as well as risks to the availability, integrity, and confidentiality of the log environment.
- Performs all other duties as assigned.
High school diploma or GED equivalent required.
- Minimum of three (3) years' experience managing a logging platform in an enterprise environment, including planning for future log growth, either on-premises or in the cloud.
- Minimum of two (2) years' coding, scripting, or development experience.
- Minimum of two (2) years' experience supporting a Microsoft Windows enterprise environment.
Must have the following:
- Experience administering and optimizing an on-premises Splunk environment is required.
- Basic Linux administration, network logging, and cloud administration skills are highly desired.
- Knowledge of ELK use and deployment in a public cloud environment (AWS and Azure) is highly desired.
- Knowledge of Security Information and Event Management (SIEM) system optimization and tools is desired.
- Knowledge of logging within AWS and Azure environments and between public and private cloud environments is highly desired.
- Experience in system operations, application development, log management, and information security.
- Must have a working knowledge of Microsoft Active Directory, Exchange, and Office 365.
- Must have demonstrated software troubleshooting and log analysis skills.
- Must have a general understanding of ITIL, network, and information security procedures and standards.
- Must have strong analytical and problem-solving skills.
- Must have exceptional communication and interpersonal skills to communicate effectively with a wide range of stakeholders.
- Must have the ability to balance multiple competing priorities.
- Excellent organizational skills.
- Strong analytical skills.
- Able to use basic office equipment, including copy machine, personal computer, and fax.
- Able to travel locally by car.
- CompTIA Security+ certification is required within 12 months of hire.
- Splunk certification or AWS Certified Cloud Practitioner is preferred.
Must be able to:
- Sit for long periods of time performing sedentary activities.
- Stand, stoop, and kneel to file for long periods of time.
- Push, pull, and lift up to 20 lbs. of electronic/communications equipment or other documents.
The client maintains a substance-free workplace and requires pre-employment drug testing.
The client does not hire tobacco users, as allowed by law.
Client offers an excellent employee benefits package that includes: 401(k) with company match, medical/dental, Life, Long Term Disability, Accidental Death and Dismemberment, and Long Term Care insurance policies. Opportunities for professional growth are also offered.