What You'll Do
You will provide engineering and administration in support a number of security tools used by the SOC, such as a SIEM, Endpoint protection solutions, Vulnerability management solution and a case management solution.
In this role, you'll be proficient with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards highlighting the key trends of the data. You'll need to be proficient within a Linux environment, editing and maintaining Splunk configuration files and apps.
You will also work closely with Security analysts with whom you will be required to interact regularly to gather requirements, perform troubleshooting, finetuning and provide assistance with the tools where needed. You will interact with management regularly.
You'll integrate tools for information exchange where applicable. You'll maintain security alerts; constantly fine tune, manage exceptions, and review detections to improve security detections. You'll collaborate closely with internal and external auditors to measure security compliance of security tools for protection coverage. You'll continue learning and improving your security engineering skills to match the current technical security challenges and innovations.
You'll perform product evaluations and compare security tools against business requirements. You'll have access to all the technical and management training courses you need to become the expert you want to be.
Who You'll Work With
You will be based in our Waltham or Atlanta office as part of the Security Operations Center and collaborate with fellow security engineers, analysts, and other IT security specialists.
The Security Operations Center (SOC) is McKinsey & Company's internal security monitoring, detection, and response organization tasked with the detection and response to cyber threats to our firm. The SOC is a 24/7 organization with teams in different geographical zones to ensure continuous operations and coverage of security monitoring, detection, and response.
Qualifications

• Bachelor's degree
• Working knowledge of AWS cloud
• Experience in a Splunk engineering role supporting SOC or NOC environments
• 3+ years of experience working in a Linux environment
• Practical knowledge and experience with Ansible and GIT
• Ability and familiarity with change and configuration management in an enterprise environment
• Strong problem-solving abilities with an analytic and qualitative eye for reasoning under pressure
• Self-starter with the ability to independently prioritize and complete multiple tasks with little to no supervision
• Ability to script in one more of the following computer languages Python, Bash, or PowerShell
• Experience in Container & Kubernetes workloads is a plus