Data Platform Engineer
Full Time
Mid Level
4+ years
Posted 2 weeks ago
Interested in this position?
Upload your resume and we'll match you with this and other relevant opportunities.
Upload Your ResumeAbout This Role
The Data Platform Engineer administers and supports security data platforms like Splunk and security data lakes, ensuring stable data flows and platform operations. This role is crucial for maintaining resilient and scalable security analytics capabilities for monitoring, incident response, threat analysis, and compliance.
Responsibilities
- Administer and maintain enterprise security data platforms to ensure availability, performance, and reliability.
- Support event ingestion onboarding and sustainment using multiple methods (e.g., syslog, DBX, and Splunk Technical Add-ons (TAs)).
- Install, upgrade, patch, and troubleshoot Enterprise Log Manager (ELM) and Security Information and Event Management (SIEM) components and supporting infrastructure.
- Support Splunk platform capabilities and apps as applicable (e.g., Splunk Enterprise Security (ES), User Behavior Analytics (UBA), and Splunk Core/Enterprise).
- Configure, tune, and maintain parsing and normalization so data aligns to the Splunk Common Information Model (CIM).
- Create and maintain custom TAs to standardize data onboarding and improve analytics outcomes.
- Perform routine monitoring, health checks, and maintenance; troubleshoot ingestion, parsing, and platform issues.
- Partner with security operations and engineering teams to optimize telemetry for detection, response, and operational/compliance reporting.
- Produce and maintain runbooks, SOPs, and technical documentation; contribute to continuous process improvement.
Requirements
- Legally authorized to work in the United States without employer sponsorship.
- Ability to obtain Public Trust clearance.
- 4+ years of experience supporting enterprise data platforms.
- 4+ years of hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies (e.g., Splunk, Cribl, Red Hat, VMware).
- Demonstrated experience configuring and maintaining event ingestion methods (e.g., syslog, DBX, TA software).
- Proven ability to create and maintain custom TAs to parse data into Splunk CIM format.
- Experience troubleshooting, monitoring, and performing routine maintenance of data systems.
Qualifications
- Bachelor's degree or equivalent relevant work experience.
- 4+ years of experience supporting enterprise data platforms and hands-on experience installing, updating, and maintaining ELM/SIEM solutions and supporting technologies.
Skills
Splunk
*
SYSLOG
*
VMware
*
Red Hat
*
Splunk Core/Enterprise
*
Cribl
*
DBX
*
Security Information and Event Management (SIEM)
*
Splunk Enterprise Security (ES)
*
Splunk Common Information Model (CIM)
*
Splunk Technical Add-ons (TAs)
*
Enterprise Log Manager (ELM)
*
User Behavior Analytics (UBA)
*
* Required skills
About Deloitte
A company transforming technology platforms, driving innovation, and transforming mission-critical operations for clients, especially in the Life Sciences sector.
Professional Services
View all jobs at Deloitte →
Related Searches
Similar Jobs
Workday HCM Functional Senior Consultant
Active
Deloitte
·
Dallas, TX
·
$107,600 - $198,400
Problem Solving
Microsoft Visio
Workday HCM
Workday Talent
+6 more
1 week ago
Manager - Mergers & Acquisitions Financial Due Diligence
Active
Deloitte
·
Cincinnati, OH
·
$131,175 - $229,500
Power BI
Alteryx
1 week ago
Physical AI Senior Manager
Active
Deloitte
·
Tampa, FL
·
$175,300 - $322,900
Robotics
AWS
NVIDIA
Computer Vision
+5 more
1 week ago
Sr. SRE Engineer Consultant
Active
Deloitte
·
Baltimore, MD
Cloud
SRE principles
Automation
Infra
+1 more
1 week ago
Policy Administrative Specialist
Active
Deloitte
·
Detroit, MI
·
$130,800 - $241,000
MS PowerPoint
Agile
MS Visio
Oracle Cloud Supply Planning
+5 more
1 week ago