The successful candidates will be responsible for the development of the application landscape for the Information Risk Management Investigation Platform (IRM IP). The candidate must be capable of working independently and collaboratively: developing and configuring the platform, including Splunk and the AWS environment; implementing changes; and onboarding and optimizing feeds on a Splunk platform hosted in an AWS cloud with thousands of data feeds from a multitude of third-party suppliers of the organization.
The IRM IP DevOps Knowledge Manager will:
* Work with the Scrum Master, Project Manager, Business Analyst and Product Owner to develop and implement changes to the IRM IP landscape, including Splunk configuration and changes to the underlying on-premise and cloud infrastructure;
* Deliver changes that meet business requirements and ensure stability of the platform;
* Develop and configure the Splunk application per requirements delivered via regular sprints per the standard platform change processes;
* Manage data onboarding and define configurations;
* Perform data interpretation, classification, and enrichment;
* Build data models;
* Manage knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros etc.);
* Configure summary-based reports and data model acceleration.
Development, Changes & Configuration
* Onboard new data feeds to IRM IP, translating Splunk-based use cases to data objects required from source systems (servers, databases, networking devices);
* Data optimization & life cycle management: perform normalisation to the Common Information Model, mapping fields/events to Splunk's schema to maximise efficiency at search time;
* Create approaches for automated testing and deployment, including test and deployment strategies;
* Work as one team with IT process support teams and other Tier 2 technical teams to ensure seamless delivery and solutions according to specifications;
* Coach and develop team members and provide oversight and perform quality assurance over their work delivered;
* Configuration Management: Ensure configurations of the platform and source systems are documented and maintained;
* Release Management: Ensure impact analysis is done on the integrating applications and technologies for periodic technical and/or content releases of the SaaS solution and inclusion in the IRM IP product backlog;
* Supportability: ensure the changes, configurations and project deliverables/solutions you create are successfully delivered and can be supported in the SaaS landscape;
* Collaborate with other IT support teams and SaaS/Cloud suppliers, and understand their OLAs, SLAs and ways of working, and how this impacts the successful delivery of IRM IP changes;
* Ensure availability, reliability, consistency of data throughout all integrated applications in the landscape (input-output);
* Be able to flex responsibilities as needed with support engineers as part of a DevOps team.
Dimensions and Special Challenges
* IRM IP is a system used globally by the organization to identify, investigate and manage potential security events of interest;
* Virtual working in a global environment with culturally diverse teams and across many organizational boundaries (within and across IT support and delivery organizations, including suppliers);
* Managing multiple delivery priorities, multiple demand requests and complex issues;
* High degree of application, technology and cloud landscape complexity and integration;
* Working as one team with cyber defence to ensure seamless deployments of changes and maximum added value for the organization by proposing continuous improvements in line with the business needs and strategy.
Mandatory Qualifications and Skills
* Splunk technical skills based on training and practical experience configuring, administering and/or supporting Splunk;
* Splunk Certified Power User;
* 2-4 years software engineering and/or systems support experience;
* Understand basic fundamentals of software development processes and procedures;
* Understand basic fundamentals of iterative development and continuous delivery;
* Self-starter able to handle concurrent tasks with appropriate priority;
* Minimum Education: 4-year Degree related to IT;
* Demonstrated experience with the majority of points below:
* Coding or scripting experience – Perl, Python, JScript, C++, PowerShell;
* Experience with Big Data architecture / technology, implementation and operation;
* Experience with UNIX operating systems functions: operation, networking, and logging;
* Experience with Windows operating system functions: operation, networking, and logging;
* Experience with AWS and Azure;
* Experience with network device functions;
* Must be able to work independently on the stated requirements along with verification and validation of the code built by him/her and the immediate team;
* Must have experience in preparing & reviewing test cases, test scripts and test evidence;
* Should be able to create an implementation plan for project ‘Go Live’.
Desired Qualifications and Skills
* Minimum 1-2 years Splunk development, configuration, administration or support experience;
* Strong understanding of the Splunk configuration model, web UI and CIM;
* Experience with basic Splunk Search Processing Language (SPL);
* Experience with DevOps tools (for example Jenkins, GitHub, Docker, Chef);
* Basic understanding of regular expressions;
* Prior experience working in agile/scrum delivery teams;
* Experience working with ITIL processes;
* Experience in working with cloud environments;
* Experience of working on risk management or cyber security projects preferred.
Michael Bailey International is acting as an Employment Business in relation to this vacancy.