Job Title: Splunk Cloud Engineer
Splunk Cloud Engineer with experience in Security Information and Event Management, log management and data onboarding. The role focuses on ingesting, normalizing and validating data sources into Splunk to support Security Operations, Information Technology operations and Compliance use cases. The Associate will work closely with Security Operations Center (SOC) analysts, platform engineers and application owners to engineer different kinds of solutions.
What We Offer You:
- A diverse and inclusive environment that embraces change, innovation, and collaboration
- A hybrid working model, allowing for in-office / work from home flexibility, generous vacation, personal and volunteer days
- Employee Resource Groups support an inclusive workplace for everyone and promote community engagement
- Competitive compensation packages including health and wellbeing benefits, retirement savings plans, parental leave, and family building benefits
- Educational resources, matching gifts, and volunteer programs
What You'll Do:
- Work with stakeholders to gather requirements for new sources and translate them into onboarding plans
- Configure and manage Splunk data inputs (Syslog, universal forwarders, Application Programming Interface (API), HTTP Event Collector (HEC), cloud connectors, etc.)
- Develop and maintain technical add-ons for field extractions, data parsing and normalization
- Ensure logs are onboarded following best practices for Common Information Model compliance and security frameworks (MITRE ATT&CK Framework, National Institute of Standards and Technology etc.)
- Troubleshoot ingestion issues across forwarders, indexers and parsing capabilities
- Automate onboarding workflows with scripts, dashboards and automation tools (Python, Ansible, Terraform, etc.)
Skills You'll Need:
- Bachelor's degree or equivalent experience required
- Experience in Splunk development, data onboarding and SIEM engineering, including Splunk universal forwarders, heavy forwarders and indexers
- Expertise in Splunk SPL for data validation and dashboards
- Proficiency in data parsing and field extractions using props.conf, transforms.conf and Regex
Skills That Will Help You Excel:
- Knowledge of operating system logs (Windows, Linux), network/security devices (firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), proxies) and cloud platforms (Google Cloud Platform, Azure, Amazon Web Services)
- Scripting/programming knowledge (Python, Bash, PowerShell)
- Strong problem-solving and communication skills
- Experience with migration to Splunk Cloud
Expectations:
It is the Bank's expectation that employees hired into this role will work in the Arlington office in accordance with the Bank's hybrid working model.
Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion.
The salary range for this position in Arlington, VA is $85,000 to $120,750. Actual salaries may be based on a number of factors including, but not limited to, a candidate's skill set, experience, education, work location and other qualifications. Posted salary ranges do not include incentive compensation or any other type of remuneration.
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.
We welcome applications from all people and promote a positive, fair and inclusive work environment.