Senior SIEM Engineer:
The Information Security and Risk Management (ISRM) organization is seeking a Senior SIEM Engineer to join our growing SIEM & Cyber Fusion Engineering team. This candidate will join a team in managing a large enterprise deployment of Splunk and Enterprise Security and partnering with our SOC, CIRT, Threat Detection, and Cyber Intel functions to deliver capabilities to improve their ability to defend Thomson Reuters from cyber threats.
About the Role
In this opportunity as Sr SIEM Engineer, you will:
- Be responsible for monitoring and stability of Splunk, and Enterprise Security SIEM platform
- Embed automation into the deployment and management of the infrastructure and application
- Identify and remediate of SIEM application defects / process failures
- Onboard new application and platform logs via syslog, endpoint agents, and APIs
- Collaborate with our SOC, CIRT, Threat Detection, and Cyber Intel teams on operationalizing use cases within Splunk to detect threats
- Create and maintain documentation to support SIEM platform
- Implement industry best practices for managing an enterprise scale service and continuously seeking iterative improvements
- Facilitate high availability and disaster recovery capabilities
- Operate in a dynamic, fast-changing, and innovative environment
- Have an operating style that is collaborative, energetic, and results-oriented
- Demonstrate the ability to employ judgment and experience to make rapid, complex decisions
About You
- Essential skills and experience:
- Bachelor’s degree preferred or 3+ years of related military, government, or consulting experience
- Experience working on large deployments of Splunk or other SIEM technologies
- 3+ years work experience in Information Technology
- 2+ years supporting Linux and Windows based platforms
- Experience deploying, managing, and scaling cloud infrastructure in AWS, Azure, GCP, or OCI
- Solid understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.)
- General scripting proficiency (i.e. Bash, Python, Perl, regular expressions, etc.)
- Experience researching, analyzing, and resolving complex problems with minimal supervision
- Attention to detail and accuracy
- Experience managing multiple projects and deadlines
- Must possess excellent written and verbal communication skills
Preferred skills and experience:
- Splunk Certifications in any of the following: Certified Admin, Certified Architect, Certified Consultant, or Enterprise Security Certified Admin preferred
- Experience with DevOps technologies such as Jenkins, CodePipeline, Terraform, etc…
- 2+ years of IT Security experience is preferred
- Linux, Networking, or Security certifications a plus
- Experience working in agile project methodology
- An operating style that is collaborative, energetic, and results-oriented
- Software development/scripting experience (e.g. Python, Go, Ruby, BASH) related to automating processes
- Experience working in FedRAMP authorization boundaries is a major plus
#LI-HS1
What's in it For You?
You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through:
Hybrid Work Model: We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected
Wellbeing: Comprehensive benefit plans; flexible and supportive benefits for work-life balance: flexible vacation, two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, tuition reimbursement, and employee incentive programs; resources for mental, physical, and financial wellbeing.
Culture: Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
Learning & Development: LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company; Ten Thousand Coffees Thomson Reuters café networking.
Social Impact: Ten employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social and Governance (ESG) initiatives for local and global impact.
Purpose Driven Work: We have a superpower that we’ve never talked about with as much pride as we should – we are one of the only companies on the planet that helps its customers pursue justice, truth and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world.
Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future? At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services – Reuters. We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.
We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion. At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them. Sound exciting? Join us and help shape the industries that move society forward.
Accessibility
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.
Protect yourself from fraudulent job postings click here to know more.
More information about Thomson Reuters can be found on https://thomsonreuters.com.