Co-ordinates with external stakeholders for all matters relating to GSOC Platforms.
Responsible for the provision of a reliable infrastructure for the GSOC.
Responsible for provision of timely system administration for all GSOC infrastructure
Proactively enhance the capabilities of the GSOC platforms to keep aligned to changes within the GSOC teams.
Establish and maintain a good technical relationship with all relevant vendor support teams /account manager, internal customers and IT support teams
Manage changes within GSOC platforms etc. so as to minimise risk to production deployments
Proficient in the operation of Splunk Applications and any other toolsets so that they can complete the following as a minimum:
Access usernames and correlate activities around IP addresses and system identifiers
Assist local Splunk operators to access pre-correlated information into a pre-defined incident category
Perform Splunk and other tools administrative duties, such as adding new accounts, new data sources (such as types of asset information), new types of reports or building bespoke workflows and processes within the Archer environment – if content authoring is included in your duties
Perform administrative duties such as adding new types of detection logic, use cases, intelligence and data enrichment feed and log type – if content authoring is including in your duties.
Qualifications, experience and skills
At least five years’ experience as a system administrator.
Proven ability with Splunk or other Security Analytics platforms is essential. Ability in other SOC applications is highly desirable
Must have proven experience of Python Scripting
Demonstrated ability to collaborate with others to solve problems.
Able to effectively process, prioritise and respond to multiple data points (e.g., alerts, incidents, issues) simultaneously and to maintain focus on overarching issue status and outcomes in a high-pressured environment.
Excellent ability to make appropriate and informed decisions in a time-pressured situation.
Excellent analytical skills and solutions-oriented approach.
Demonstrated strong verbal and written communication skills.
Self-motivated and goal-oriented
Ability to interact professionally under pressure with a wide range of customers ranging from end-users to IT staff to management to external service providers.
Proven ability to dynamically prioritise work efforts to meet deadlines and work effectively with minimal supervision in a team environment.
System administration and ITIL processes experience are essential so that the GSOC can operate smoothly within the clients ITIL methodology.
Ability to, with aid of documentation and monitoring systems, diagnose root causes of issues in a moderately complex networked systems and applications infrastructure.
Ability to diagnose interrelationships between data-centre facility, network, server, and application issues.
Strong understanding of the roles of and relationships between infrastructure typical in a corporate IT environment including authentication technologies, servers, storage arrays, backup technologies, web applications, email/ calendaring/messaging services, voice applications, etc.