What are the responsibilities and job description for the Chief Splunk Architect Security Information and Event Management Operations Engineer - Assistant Vice President position at Deutsche Bank?
Job Title: Chief Splunk Architect Security Information and Event Management Operations Engineer
Corporate Title: Assistant Vice President
Location: McLean, VA
Overview
Our Chief Information Security Office (CISO) is responsible for addressing information security risks to the Deutsche Bank global IT department and, as a Security Engineer, you will play a key technical role in our Security Information and Event Management (SIEM) Engineering team within the Global Cyber Security Engineering and Architecture organization. You will serve as a technical expert for platform engineering and provide 24x7x365 support for critical security technologies. You will primarily be responsible for hands-on technical product design, build and support of platforms like Splunk Enterprise, Splunk Phantom, Splunk Enterprise Security, ArcSight, Confluence, database custom applications. You will be part of a global Splunk Operations Level 3 team.
What We Offer You:
- We offer competitive health and wellness benefits, empowering you to value life in and out of the office
- Retirement savings plans, parental leave, and other family-friendly programs
Return to Office:
- It is the Bank’s expectation that employees hired into this role will work in the McLean office in accordance with the Bank’s hybrid working model
- Deutsche Bank provides reasonable accommodations to candidates and employees with a substantiated need based on disability and/or religion
Hear from our people and look inside our office: DB@The Muse
Your Key Responsibilities:
- Engineer, implement and support SIEM platforms ArcSight, Splunk Enterprise, Splunk Enterprise Security, Splunk UBA and Splunk Phantom in public cloud and on-premises datacenters
- Manage Change & Release processes, Vendor Management, Capacity Management functions for the platforms
- On-board new data sources into Splunk, analyze the data for anomalies and trends and build dashboards highlighting the key trends of the data
- Contribute to product architecture, engineering and roadmap for platforms supported by SIEM Engineering team
- Ensure technical issues are quickly resolved and help implement strategies and solutions to reduce the likelihood of recurrence
- Develop security-focused content for Splunk, including creation of complex threat detection logic and operational dashboards
Your Skills and Experience:
- Previous relevant experience in Security Engineering, System Administration, Network Engineering, Software Engineering and development with a focus on Cybersecurity
- Substantial experience implementing, architecting and administering SIEM platforms like Splunk, ArcSight, QRadar, etc., for a large global organization
- Knowledge of Azure/AWS/GCP services and data ingestion from those services into SIEM and proficiency developing log ingestion and aggregation strategies, XML, Bash, Python, and PowerShell scripts
- Experience writing Splunk queries in Splunk Programming Language (SPL) and thorough understanding of Splunk processing language, optimization principles, APIs, and SDK
- Splunk certifications such as Splunk Certified Administrator, Splunk Enterprise Security, Splunk Enterprise Certified Consultant, and/or Splunk Enterprise Certified Architect a plus
Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.
We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.
We are an Equal Opportunity Employer - Veterans/Disabled and other protected categories. Click these links to view the following notices: "EEO is the Law poster" and supplement; Employee Rights and Responsibilities under the Family and Medical Leave Act; Employee Polygraph Protection Act and Pay Transparency Nondiscrimination Provision.