Lead IT Security Engineer

Lead IT Security Engineer National Medical Care Inc. a Fresenius Medical Care N.A. company Lexington Massachusetts (Remote)

Will be responsible for managing configuring and optimizing our Splunk security environment to ensure maximum performance and efficiency. Will collaborate with various teams to analyze troubleshoot and enhance data visibility and reporting capabilities across the organization. Specific duties will include:

• Implement and manage advanced security measures using Splunk Cloud to protect information network infrastructure and computer systems ensuring proactive threat detection and mitigation.
• Architect comprehensive cybersecurity solutions and strategies leveraging Splunk Clouds real-time data analytics and Cribl LogStream data routing capabilities to monitor and secure cloud environments.
• Design and implement fully automated server provisioning monitoring and deployment pipelines using Splunk Cloud Cribl Python Shell scripts and CI/CD tools like Jenkins Git and Bitbucket.
• Deploy Splunk Cloud apps and Cribl LogStream to monitor systems and networks for security breaches and intrusions enabling seamless data collection and analysis from cloud environments.
• Set up advanced alerts dashboards and reports in Splunk Cloud to provide real-time visibility into digital platform performance using Cribl to route and filter log data efficiently for anomaly detection.
• Develop proactive monitoring systems leveraging Cribl to route and filter application logs and use Splunk Cloud to analyze system health trigger automated alerts and generate Key Risk Indicator (KRI) dashboards.
• Define and enforce security policies including patch management hardening and continuous monitoring of critical cloud-based systems and workstations using Splunk Clouds security insights and Cribl log processing capabilities.
• Manage and troubleshoot security infrastructure utilizing Splunk Cloud for continuous security monitoring and Cribl to optimize data pipelines and enhance security data analysis.
• Leverage Splunk Clouds performance monitoring tools and Cribl data routing functionalities to analyze system stability configure monitoring thresholds and establish alerts to maintain operational performance.
• Lead incident response efforts in the event of a disaster or operational downtime utilizing Splunk Clouds real-time monitoring and Cribl routing capabilities to quickly identify root causes and resolve system issues.
• Work closely with stakeholders to identify and document system security requirements recommending solutions that integrate Splunk Cloud and Cribl to improve overall system security and data management strategies.

Requirements:

Position requires either: (i) a Bachelors degree (or an equivalent foreign degree) in Computer Science Computer Information Systems Computer Engineering IT or a closely related field and 6 years of experience as an Information Security Engineer working with Splunk or (ii) a Masters degree (or an equivalent foreign degree) in Computer Science Computer Information Systems Computer Engineering IT or a closely related field and 4 years of experience as an Information Security Engineer working with Splunk. Position also requires four years of experience working with the following:

• Splunk architecture data ingestion and search language (SPL);
• Designing and implementing automated server build management monitoring and deployment.
• Firewall and Intrusion Detection technologies including Cisco ASA Palo Alto Networks and Snort.
• Configuring alerts dashboards and reports to give visibility into the performance of digital platforms and monitoring systems and networks for irregular behavior.
• Developing and implementing incident response procedures to mitigate security threats.
• Automating security tasks and enhancing threat hunting capabilities using scripting languages including Python PowerShell and Bash.

This is a telecommuting position working from home. May reside anywhere in the United States.