Focal Point Data Risk, a CDW Company, delivers a unified approach to addressing data risk through a unique combination of consulting service offerings. Focal Point has brought together industry-leading expertise in cyber security, identity governance and access management, data privacy and analytics, internal audit, and hands-on training services, giving companies everything they need to plan and develop effective risk and security programs. By integrating these services, we provide our clients with the flexible support they need to protect and leverage data across any part of their organization. Simply put, CDW-Focal Point is the next generation of risk management.
This role is for a Splunk Engineer on the FocalPoint Technology Integrations team. The candidate must have Splunk consulting experience across a wide range of customer verticals such as HealthCare, Commercial, Utility and Government. The candidate must be a thought leader with the sharp technical acumen to build a team and to participate in pre-sales, helping our sales team with potential leads.
The candidate must also carry the first line of client delivery interactions and is responsible for defining, developing, and presenting custom solutions (e.g., roadmaps, program development, best practices, etc.) to help our clients achieve their future state goals. The Principal Strategist will be expected to have consistent client interactions, excellent communication and organization skills, and the ability to write detailed documentation.
At a high level, CDW is looking for candidates who embody the following traits:
- Deep understanding of Enterprise security using Splunk
- The ability to navigate through complex challenges.
- A desire for learning and mentoring others; and
- Proficient writing and soft skills.
Expectations for the Splunk Engineer
- Lead day-to-day billable operations within client projects – ability to fulfill project needs and build client relationships, while acting independently or as part of a larger team.
- Optionally join a pre-sales overlay team of technical experts who leverage their diverse technical backgrounds to help Americas customers design solutions at scale
- Drive customer engagement for Splunk Cloud in AWS commercial regions, as well as Splunk’s FedRAMP and Impact Level 5 (IL-5) offerings hosted in AWS GovCloud
- Demonstrate a deep understanding of relevant components of the Enterprise Splunk security space.
- Provide senior, technical sales leadership for Splunk Enterprise and Cloud opportunities
- Operate as a self-starter who is driven by an intense desire to learn, grow, teach & win
- Influence product capabilities and direction based on crosscutting customer challenges and needs
- Guide customers through best practices and architectures for complex technology challenges
- Act as an internal technical expert, fielding questions related to Splunk Cloud services, and cloud services provided by Microsoft Azure, Google Cloud Platform, and Amazon Web Services
- Develop and deliver technical content for internal and external audiences to advance sales stages and / or provide high-impact marketing events
- Maintain and extend personal expertise related to evolving and newly emerging technologies underpinning the latest industry trends and prototype solutions for integration with Splunk
- Perform work successfully with little to no oversight.
- Remain current on Enterprise SIEM and Data Governance market-related and emerging trends, tools, and methodologies.
- Travel as needed to customer locations to lead and participate in IAM assessments and similar engagements – Please note that during this COVID period, any business-related travel is being handled on a case-by-case basis with management approval.
- Adhere to policies, procedures, and security practices of the IAM SSA team.
- Resolve internal problems maturely and independently and understand escalation procedures within the IAM SSA team.
- Demonstrate strong, proactive communication with all levels of the IAM SSA team.
- Occasionally perform training/teaching activities for the team on different topics, as needed.
- Participate in advanced projects; including projects that require on-the-fly research and assessment process development and/or lie outside of core group of offerings.
- Perform other duties as assigned.
Specific Knowledge, Skills and Abilities:
- Understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
- Cloud experience (AWS, Azure, etc.)
- Development and API experience (Python, Perl, XML).
- SaltStack, Ansible, and other enterprise automation tool experience.
- Hardware experience and storage experience (SAN, NAS, etc.)
- Experience designing and implementing ground-up distributed Splunk installations including all Splunk server roles (Search Head, Indexers, Heavy Forwarders and Universal Forwarders, etc.).
- Experience with advanced configuration of Splunk including Indexer Clustering and Search Head Clustering.
- Experience maintaining and administering enterprise Splunk implementations.
- Experience developing custom Splunk content including scheduled searches, reports, dashboards, etc.
- Experience configuring indexes, index routing, retention policies, etc.
- Proficient at data on-boarding activities including custom parsing rules, custom Technology Add-On building according to Splunk's Common Information Model (CIM).
- Experience working in Linux and Windows environments, ability to configure:
- Storage subsystems (i.e., partitioning, Volume Groups, Logical Volumes, etc.)
- Knowledge of Security-Enhanced Linux (SELinux).
- Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
- File Permission Settings (Linux/Windows).
- Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.
Preferred Education, Experience and Licenses
- Splunk Enterprise Security Implementation certification (Level 1 or 2).
- Splunk IT Service Intelligence certification.
- Splunk Admin/Power User certification (Architect certification preferred).
- Strong written and verbal communication skills, adaptable to all levels of an organization.
- Effectively present information in one-on-one, small, and large group situations to customers, clients, and other employees of the organization.
- Read your audience and communicate effectively for each person to understand the message being delivered (e.g., reducing advanced concepts into digestible principles).
- Communicate details in a clear, understandable manner to multiple levels of an organization and follow templates and other requirements, as applicable.
- Customer-oriented focus with a strong interest in client satisfaction.
- Strong problem-solving aptitude with the ability to think clearly under pressure and navigate complex challenges.
- Self-starter with a desire to learn and grow in the cyber security spectrum.
- Demonstrated ability to identify and understand:
  - New technology and concepts quickly, as needed, to support new/ongoing projects.
  - How system and tool concepts work in the absence of instructions or training.
- Demonstrated time management, independent work, and organizational skills.
CDW is committed to maintaining a workplace that is free of known hazards and to ensuring the safety, health, and well-being of coworkers and candidates for employment and their families, as well as the community.
CDW requires all coworkers be fully vaccinated against COVID-19, with the only exceptions being a documented, legally required medical or religious accommodation. Prior to starting with CDW, successful candidates will be required to: (i) be fully vaccinated against COVID-19 and provide CDW with proof of full vaccination; or (ii) apply for and receive a medical or religious-based accommodation to be exempt from the mandatory vaccination policy.