EY Jobs

Job Information

EY SIEM Support Engineer in Argentina

SIEM Support Engineer

Core Business Services

Requisition # ARG0032N

Post Date Jun 29, 2020

SIEM Support Engineer

We are looking for a SIEM Support Engineer , who will become part of our Security Technology Operations team. The ideal candidate will have prior experience implementing and supporting an SIEM technologies such as Splunk, SOAR, Securonix, Microsoft Azure Sentinel as well as RSA Archer.

What are you going to do?

  • Key responsibilities will include the implementation and run station of SIEM Support technologies .The role performs Level 3 support for Information Security SIEM technologies.Responsibilities involve the daily management of incidents, operational maintenance and support, and proactive/preventative analysis of systems.Applications can reside in EY as well as within vendor facilities and cloud.

  • Provide technical oversight of Information Security technologies that fall under the team’s responsibilities, confirming they are operating within agreed service levels and at peak possible performance.

  • Monitoring performance of correlated and scheduled searches and identify opportunities to make searches/dashboards more efficient in Splunk to improve their performance.

  • Creating/Testing/Deploying Splunk upgrades, configurations changes, etc. in multiple environments.

  • Monitoring the Splunk infrastructure (including but not limited to non-performant queries and dashboards, key health indicators of the platform).

  • Manage, drive and coordinate planned maintenance activities as well as the standardization and automation of processes and procedures for Information Security technologies.

  • Represent the team in specific project activities, including participating in projects and driving team deliverables towards successful completion.

  • Articulate technology issues/concerns that may emerge at any level of the technical stack, and from any component across the ecosystem, to technology leaders.

What do we need fromyou?

  • We are interested in people who bring in operationalexperience in large environment having performed detailed troubleshooting ofissues, by using their analytical skills and collaborating with other technicalteams, stakeholders and internal and external customers.As a successful candidate, you will havefunctional and/or technical experience in supporting a variety of SecurityInformation and Event Management tools.

  • 5-7 years ofexperience in an enterprise IT support role.

  • Workingknowledge of scripting languages such as Python and PowerShell.

  • Knowledgeof Query Languages such as SPL (Search Processing Language) and KQL (KeywordQuery Language) is a plus.

  • Splunkexperience in Multicluster/Multi site environment.

  • Possess skillswithin the Azure cloud technology stack including knowledge of Azure AD,Sentinel, DevOps is a large plus.

  • Several years’experience working in a large global virtual environment

  • Strong Englishlanguage skills – written and verbal.

  • Bachelor'sdegree in computer related field or equivalent work experience.

  • InformationTechnology Infrastructure Library (ITIL v2 or v3 Foundations training)(preferred)

  • Experience inproject management, service introduction, and service readiness.

  • Excellent problem solving, decision making andcommunication skills.

Shift: Monday to Friday from 2 to 11 PM.

Location: Microcentro

EY, an equal employment opportunity employer, values the diversityof our workforce and the knowledge of our people.