Sr Engineer, Information SecurityApply Job ID: R-022104 Date posted: 03/31/2022 Primary Location SC-Fort Mill Other Locations NC-Remote , SC-Remote , CA-San Diego
Are you a team player? Are you curious to learn? Are you interested in working in meaningful projects? Do you want to work with cutting-edge technology? Are you interested in being part of a team that is working to transform and do things differently? If so, LPL Financial is the place for you!
LPL Financial (Nasdaq: LPLA) was founded on the principle that the firm should work for the advisor, and not the other way around. Today, LPL is a leader* in the markets we serve, supporting more than 18,000 financial advisors, 800 institution-based investment programs and 450 independent RIA firms nationwide. We are steadfast in our commitment to the advisor-centered model and the belief that Americans deserve access to personalized guidance from a financial advisor. At LPL, independence means that advisors have the freedom they deserve to choose the business model, services, and technology resources that allow them to run their perfect practice. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors, so they can take care of their clients.
The Splunk Engineer will manage a Splunk Cloud environment, multiple search heads, deployment server, heavy forwarders and universal forwarders. The Sr Information Security Engineer will be responsible for maintaining a reliable Splunk environment. They will monitor system performance, application functionality and license usage and are responsible for communicating needed changes to the Splunk environment, such as license increases, hardware modifications, and new technologies to enhance availability to the customer.
The Senior Splunk Engineer will be a key member of the SIEM and Splunk Engineering team ensuring maximum availability of the Splunk cloud environment and providing technical support and expertise to LPL’s Cyber Security Operations Center. This role is responsible for Splunk administration support and maintenance, data onboarding, tool deployments and advanced content development.
Provide thought support and execution for all design, implementation, and maintenance activities related to the SIEM platform.
Linux/Windows and Splunk server administration, including upgrades of Universal Forwarders, Heavy Forwarders and Deployment Servers.
Monitor and maintain Splunk performance, availability, and capacity
Perform data ingestion and data visualization for Splunk and Splunk Enterprise Security Suite
Provide proficient knowledge of recognizing and onboarding new data sources into Splunk, analyzing the data for parsing purposes to make it CIM compliant, then building use cases to fulfill stakeholder requirements.
Develop reliable, efficient queries that will feed custom alerts and dashboards
Build and integrate contextual data into the notable events and workflow within Splunk Enterprise Security Suite
Assist users of Splunk in designing and maintaining production-quality searches, dashboards and alerts
Develop automation and scripts to drive efficiencies in the SOC
Recommend and assist in technology evaluations and implementations.
Develop and Implement Apps & Knowledge Objects (KO) like Dashboard, Reports, Data Models upon request of customers
Create and update documentation and playbooks
Work with application owners to understand and document current logging stances
Work with application owners to develop CIM compliant logging where it does not currently exist
24/7 on-call support (as needed)
Develop good working relationships with customers and other stakeholders, and provide advice and assistance to stakeholders on Splunk related issues
What are we looking for?
We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.
5+ years of information security applications and systems experience
2+ years of Splunk SIEM experience and the Enterprise Security Application
2 + years of experience with network security, endpoint security, or security threat vectors
2 + years of Regular Expression (regex) experience
Excellent technical writing and documentation skills
Expertise in automation using scripting tools like PowerShell, Python or Bash
Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
Splunk Certified Admin is Preferred.
At LPL, we believe that objective financial guidance is a fundamental need for everyone. As the nation’s leading independent broker-dealer, we offer an integrated platform of proprietary technology, brokerage, and investment advisor services. We provide you with a work environment that encourages your creativity and growth, a leadership team that is supportive and responsive, and the opportunity to create a career that has no limits, only amazing potential.
We are one team on one mission. We take care of our advisors, so they can take care of their clients.
Because our company is not too big and not too small, you can seize the opportunity to make a real impact. We are committed to supporting workplace equality, and we embrace the different perspectives and backgrounds of our employees.We also care for our communities, and we encourage our employees to do the same. This creates an environment in which you can do your best work.
Want to hear from our employees on what it’s like to work at LPL? Watch this!
We take social responsibility seriously. Learn more here
Want to see info on our benefits? Learn more here
Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.
Information on Interviews:
LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card. Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (800) 877-7210.