United Technologies Corporation Cybersecurity Splunk Engineer in Farmington, Connecticut

Job ID: 71426BR

City: Farmington

State: Connecticut

Country: United States

Category: Information Technology

Job Type: Full Time

Description:

With revenues of approximately $57 billion, United Technologies Corporation (UTC) is a Fortune 50 company that provides high technology products and services for the aerospace and commercial building industries. Our aerospace businesses include Pratt & Whitney and UTC Aerospace Systems. Pratt & Whitney is a world leader in the design, manufacture and service of aircraft engines. UTC Aerospace Systems is one of the world’s largest suppliers of technologically advanced aerospace and defense products.

Our commercial building businesses include Otis Elevator and Climate, Controls & Security. Otis is the world’s largest manufacturer and maintainer of people-moving products, including elevators, escalators and moving walkways. UTC Climate, Controls & Security is a leading provider of heating, air conditioning and refrigeration systems, building controls and automation, and fire and security systems. These companies are leading to safer, smarter, sustainable and high-performance buildings.

Ranked among the world’s greenest companies, we do business in virtually every country of the world and have over 196,000 employees globally.

Job Responsibilities

The Cybersecurity Splunk Engineer position is an exciting and challenging opportunity for a dynamic IT professional who seeks to leverage their existing experience and technical skills to develop and deploy world-class security technologies to protect the global UTC environment. Responsibilities for this role include:

  • Designing, developing, testing, troubleshooting, deploying and maintaining Splunk Enterprise solutions

  • Interface with a variety of internal/external teams and applications for data onboarding and normalization.

  • User and group management using SAML and Azure Active Directory as well as local Splunk authentication/authorization.

  • Manage data retention policies, perform index administration, index maintenance and index optimization, as well as perform configuration backups.

  • Troubleshoot Splunk performance and access issues, as well as Splunk Universal Forwarder problems and issues.

  • Maintain the Splunk platform in regard to new versions, patching and audit compliance

  • Work closely with Cybersecurity, Infrastructure, and Application teams to assist in developing reliable, efficient queries that will feed custom alerts and dashboards

  • Create and maintain comprehensive technical documentation (SOPs) and diagrams related to the architecture and operational processes for the Splunk Enterprise platform suite.

  • Mentor members of the technical staff to support and assist in Splunk-related activities

  • Assist the Cybersecurity team & other technical teams in creating production-quality dashboards, reports and threshold alerting mechanisms

  • Support Splunk in a Cloud environment (i.e. Microsoft Azure) using RHEL 7.x as the host OS

  • Standardize Splunk Universal Forwarder deployment, configuration and maintenance across a variety of platforms (Windows, Linux, AIX, & Mac OS).

  • Design and solve complex integration challenges and debug complex configuration issues

Qualification:

The ideal candidate will have experience in several of the following competencies:

  • Splunk experience - minimum 3 to 5 years' proven experience architecting, configuring, deploying, and customizing Splunk Enterprise (preferably 6.x+)

  • Splunk Architect or Splunk Administrator certification preferred

  • Technical knowledge in advanced Security technologies (DLP, IDS, IPS, SIEM, Active Directory…), COTS Security offerings, networking, desktop and server operating systems (Wintel and UNIX variants).

  • Extensive knowledge of a tiered Splunk architecture and best practices installation; indexers, forwarders, search heads, clusters

  • Strong working knowledge of the Splunk platform, including administration of a distributed Splunk environment and Splunk Application for Enterprise Security (ES).

  • Experience with installing, building and working with Splunk Apps and add-ons in a distributed cluster

  • Knowledge of the Common Information Model (CIM): understanding of the relationship between the CIM and knowledge objects, and the ability to create a lookup file, a lookup definition, field aliases and calculated fields

  • Demonstrated ability to create complex dashboards, reports, forms, alerts, and visualizations

  • Solid understanding of logging technologies (e.g. syslog, Windows events, RHEL auditd)

  • Experience with automation of Linux infrastructure configurations (Ansible preferred, RHEL 7.x) and deployment / configuration with CIS benchmarks

  • Proficient in Git, GitHub or other source control platforms

  • Problem solving and analytical abilities including the ability to critically evaluate information gathered from multiple sources, reconcile conflicts, decompose high-level information into details and apply sound business knowledge

  • Excellent interpersonal, verbal and written communication skills

  • Understanding of basic project management principles

  • This position is based in Farmington, Connecticut.

  • Candidates must be United States Citizens or Permanent Residents.

Education:

  • Bachelor’s Degree in Computer Science, Management of Information Systems, or related business discipline(s) desired.

  • Demonstrated professional achievement in the security arena (e.g. CISSP, Security+, Splunk Certified, etc.)

  • Master’s Degree preferred but not required

United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
