Cyber Risk Defense Consultant V - Splunk Administrator

This senior level employee is primarily responsible for overseeing the maintenance and protection of integrity and reliability of the security of data, systems and networks.

• Conducts or oversees business-specific projects by applying deep expertise in subject area; promoting adherence to all procedures and policies; developing work plans to meet business priorities and deadlines; determining and carrying out processes and methodologies; coordinating and delegating resources to accomplish organizational goals; partnering internally and externally to make effective business decisions; solving complex problems; escalating issues or risks, as appropriate; monitoring progress and results; recognizing and capitalizing on improvement opportunities; evaluating recommendations made; and influencing the completion of project tasks by others.
• Practices self-leadership and promotes learning in others by building relationships with cross-functional stakeholders; communicating information and providing advice to drive projects forward; influencing team members within assigned unit; listening and responding to, seeking, and addressing performance feedback; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership and mentoring junior team members; creating and executing plans to capitalize on strengths and improve opportunity areas; and adapting to and learning from change, difficulties, and feedback.
• Leads team in the proactive monitoring and/or response to known or emerging threats against the KP network.
• Effectively communicates investigative findings to non-technical audiences.
• Plans and facilitates regular operations meeting with Cyber Risk Defense Center (CRDC) teams.
• Supports closed loop processes on security efforts by providing feedback to the TDA leads and/or leadership.
• Participates in information fusion procedures across operations and engineering, including activities such as Use Case planning/development, Use Case quality assurance validation, and response procedure documentation.
• Serves as a liaison between stage teams and upper management by identifying issues, improvement areas, or security/architectural gaps and suggesting appropriate improvements.
• Drives the development of the CRDC intellectual capital by leading process or procedure improvements, consulting on brown bag training sessions, and leading the development of new training documents.
• Partners with the CRDC Policy Engineers and Remediation teams to contain identified issues and determine the best approach for improving security posture.
• Facilitates follow-up remediation design and review efforts.
• Leads the investigation and triage of security events across multiple domains.
• Leads complex data analyses in support of security event management processes, including root cause analysis.
• Coordinates the response and resolution of high impact or critical cyber security incidents.
• Leads the deployment of threat detection capabilities and/or incident response plans which may include after-hours support and coordination among responsible teams.
• Drives the execution of incident detection and/or handling processes which may include containment, protection, and remediation activities.