Provide senior-level technical oversight and strategic direction for internal and externally staffed teams responsible for the design, development, installation, deployment and 24x7 support of the corporate-wide information security logging and monitoring program.   Work with Information Security and IT management and partners, and line of business (LoB) leaders to develop and implement technology-based solutions that satisfy business requirements while providing long-term value.  Interact with technical and nontechnical LOBs to ensure that proper IT governance and technical oversight is followed and ensure the implementation of consistent and supportable technical solutions. Ensure that all information security technology infrastructures meet internal technical standards for integration and support. Partner with internal clients in developing technical solutions that ensure client success and achieve legal and regulatory compliance.



Essential Duties and Responsibilities:

Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.

1.    Provide essential technical oversight and mentoring to a team of associates focusing on data collection, structure, and risk identification with focus on data quality.  Coordinate efforts related to ingesting application logs from line of business application owners with a focus on data quality and implementation best practices. 

2.    Integration of data feeds (logs) into Splunk. Perform Content Development to properly identify data feeding SIEM’s and correlation of events. Develop filters to assist in the identification of risk or suspicious events.

3.    Participate in the development of strategic policy for information security technologies. Provide necessary subject matter expertise and ensure implementation of information security architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection. Communicate strategic direction to peers, subordinates, clients and vendors.

4.    Interact with management to determine acceptable levels of risks as business model and risk profile changes and align security program accordingly. Provide necessary subject matter expertise and coordinate efforts on a corporate-level to identify key security risks, needs and initiatives.

5.    Provide leadership and guidance in the planning of corporate, client and internal information security technology projects. Work with senior management to ensure adequate staffing is available to complete initiatives/projects. Identify and execute on opportunities for staff augmentation via offshoring.

6.    Configure and maintain Splunk ES, Securonix, and/or other security solutions in security analytics environments. 

7.    Implement and monitor controls to ensure that the availability, reliability, performance and service levels of the information security technology infrastructure remain consistently high and in line with LOB expectations. Direct team activities during production problems.

8.    Develop processes, procedures, and methodologies to analyze and measure security risk and implement appropriate risk mitigation methodologies

9.    Provide oversight on the team efforts to ensure Corporate Information Security and D&TS standards, processes and best practices are followed.

10.    Maintain awareness of changes in industry. Attend classes and seminars, as required, to maintain a high level of proficiency in fields of information security and security analytics.  Network with other information security professionals.  Read about and be aware of trends regarding business recovery planning and security in industry.



Required Skills and Competencies:

The requirements listed below are representative of the knowledge, skill and/or ability required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1.    Bachelor’s degree in Computer Science or relevant field, or equivalent education and related training

2.    Ten years of Information Security experience

3.    Certified Information Systems Security Professional (CISSP) certification

4.    Extensive understanding of applied enterprise information security technologies

5.    Aptitude towards strategic thought and people leadership while showing ability to influence direction

6.    Demonstrated SME level understanding of Splunk and Splunk Enterprise Security (ES) including the Splunk Admin certification designation

7.    Good written and verbal communication, team and people skills; ability to share information and communicate clearly with team members and internal and external clients

8.    Demonstrated proficiency in data analytics or data science concepts and best practices

9.    Demonstrated understanding of application and infrastructure log formats and data quality best practices as it related to Splunk and Splunk Enterprise Security (ES)



Desired Skills:

1.    Certified Secure Software Lifecycle Professional (CSSLP) or Certified Information Security Manager (CISM) certification

2.    Knowledge of financial services industry and all applicable regulations and industry standards

3.   Splunk Architect Certification



Job Location: Wilson, NC preferred (will consider Raleigh, NC)