Senior Infrastructure Security Specialist
Aegon is an international financial services holding company headquartered in The Hague, the Netherlands. Our ambition is to build leading businesses that offer their customers investment, protection, and retirement solutions. Our purpose is to help people live their best lives, a goal that runs through all of our activities. The company has multiple locations across the globe, with core markets in the UK and the US, partnerships in Spain & Portugal, Brazil, and China, and an Asset Management organization with locations in the UK, US, NL and Hungary. In the Netherlands, Aegon generates value via a strategic shareholding in a market-leading insurance and pensions company.
Aegon Global Business Solutions Center supports these businesses with IT, Finance, Risk, Model Validation, Actuarial, Audit and Asset Management services, with a growing team of approx. 300 people based in Budapest, Hungary.
Global Technology Services (GTS) is Aegon's global IT partner that provides infrastructure services, information security and global/corporate application support for Aegon's businesses around the world.
The Security Event Management (SEM) team is the primary team responsible for gathering Security Intelligence and providing it to the SIEM platform. Correlated security events, infrastructure device events, and application events are presented to the Global Security Operations Centers (SOC), which evaluate whether they warrant investigation or are false positives.
Key Responsibilities:
Work directly with Infrastructure and Application teams to align security and event applications with predetermined SOC use cases that provide the intelligence necessary for investigations.
Work within the Security Strategy to onboard the identified number of applications across all Business Units (BU), and provide direction and guidance to the Business when difficulties arise with streaming events into the SIEM.
Assist in managing time resources and commitments with your customers to ensure onboarding activities are completed on time and in scope.
Qualifications and Skills:
Splunk Core experience, including Deployment Server configuration
Splunk Core experience with Infrastructure support knowledge (Indexers, Search Heads)
HTTP Event Collector (HEC) experience for streaming to endpoints
SPL Query Language experience
AWS (Lambda, S3 format) and Azure Cloud blob format experience for SaaS ingestion
Unix / Linux OS experience, Next Gen Firewall experience, Endpoint Threat Detection experience
Experience with proper source typing
Familiarity with Syslog technology
RegEx and stream parsing experience
Bachelor's degree or equivalent training, education, and work experience
5 years of Splunk SIEM (Core, ES, etc.) experience
Preferred:
Splunk Infrastructure deployment methodology
Experience with using a SIEM in a Global organization and having awareness of GDPR and other compliance regulations
Splunk Heavy Forwarder experience
Splunk Enterprise Security experience
Splunk Universal Forwarder management
Splunk Deployment / Cluster management
SNOW, Confluence, Jira experience
Behavioral Competencies:
Attention to Detail
Communication
Customer Focus
Coping
Commitment to Task
Decision Making and Problem Solving
Working Conditions:
Requires participation in after-hours on-call rotation
May require some work outside of traditional work hours due to global meetings or projects
May require minimal travel for team meetings or training
AGT Hungary IT Services LLC (HUN entity)