Splunk Implementation Manager - Cybersecurity & Threat Detection

TC - CS - CDR - Splunk - Manager

At EY, we’re all in to shape your future with confidence. 

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. 

Join EY and help to build a better working world. 

 

Manager (CTM – Threat Detection & Response) – Splunk

 

We are seeking a highly skilled and experienced Splunk Implementation Manager to join our team. The ideal candidate will have a strong background in cybersecurity and extensive experience with Splunk, particularly in implementing and managing the Enterprise Security (ES) App. As a Splunk Implementation Manager, you will be responsible for leading and overseeing the deployment, configuration, and management of Splunk solutions to ensure our clients' security needs are met. Experience in Security Orchestration, Automation, and Response (SOAR) and Endpoint Detection and Response (EDR) is essential. You will also work closely with SOC teams and handle project management responsibilities, including responding to Requests for Proposals (RFPs).

 

 

Key Responsibilities:

 

• Lead the design, implementation, and management of Splunk solutions (On-prem and Cloud), with a focus on the Enterprise Security (ES) App.
• Collaborate with clients to understand their security requirements and translate them into effective Splunk use cases.
• Oversee the installation, configuration, and optimization of Splunk instances, including indexers, forwarders, and search heads.
• Conduct regular assessments of clients' Splunk environments to identify areas for improvement and implement necessary enhancements.
• Provide technical guidance and support to clients during the implementation and post-implementation phases.
• Train and mentor junior team members on Splunk best practices and advanced features.
• Stay updated on the latest developments in Splunk and cybersecurity to ensure the highest level of expertise and service delivery.
• Manage project timelines, budgets, and resources to ensure successful completion of implementation projects.
• Work closely with SOC teams to ensure seamless integration and operation of Splunk solutions within their workflows.
• Knowledge in SOAR and EDR, work with these teams to ensure integration and optimization through automation.
• Experience with integration and optimization of logs from cloud environments (AWS, GCP, and Azure).
• Ensure effective communication and coordination between project stakeholders, including clients and internal teams.
• Participate in and manage the preparation of responses to Requests for Proposals (RFPs), including technical solution design and project planning.

 

 

Mandatory Skills and Qualifications:

 

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• 8+ Years’ experience in Cyber Security with a good of knowledge in network architecture, Cloud Security and Microsoft technologies
• Extensive experience with Splunk, including implementation and management of the Enterprise Security (ES) App.
• Strong understanding of security operations, threat detection, and incident response.
• Hands-on experience with Splunk configuration, including indexers, forwarders, and search heads.
• Experience with SOAR and EDR solutions.
• Strong project management skills, with the ability to manage multiple projects simultaneously.
• Effective communication and interpersonal skills to interact with clients and internal teams.
• Experience in preparing and responding to RFPs.
• Experience working closely with SOC teams to ensure effective security operations.
• Experience with configuration and integration of cloud environments (AWS, GCP, and Azure).
• Splunk certifications such as Splunk Certified Architect or Splunk Certified Consultant.

 

 

Preferred Qualifications:

 

• Master’s degree in Cybersecurity, Information Technology, or a related field.
• Experience with other SIEM solutions and cybersecurity tools.
• Knowledge of scripting languages such as Python or PowerShell for automation and integration tasks.
• Familiarity with regulatory requirements and industry standards related to cybersecurity.

 

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

Experience Level

Mid Level