Splunk Administrator

Company Description

Natixis in Portugal is a Centre of Expertise whose mission is to transform traditional banking by developing innovative solutions for the business, operations and work culture of Groupe BPCE worldwide.

Natixis in Portugal is part of the Global Financial Services division, where it applies technology for the development of financial expertise in its two global business lines – Corporate & Investment Banking and Asset & Wealth Management – and, transversally, for the entities of Groupe BPCE.

The Centre of Expertise, based in Porto, currently has more than 2,400 employees from over 30 nationalities, organised in three main departments: Information Technology, Banking Support Activities and Compliance. These teams work in an integrated, inclusive and transversal way, supporting and creating value for all the business lines and platforms of the group. The project in Porto is one of the biggest investments in Human Resources ever made by Groupe BPCE worldwide.

A disruptive mindset and a culture of proximity and agility identify Natixis in Portugal Team and reflect the company's mission to transform traditional banking at a global scale: a perfect match in the Portuguese dynamics and entrepreneurial ecosystem.

In 2024, Top Employers Institute has awarded Natixis in Portugal the Top Employer Portugal accreditation for the second time. This certification recognizes excellence in people practices, following the example of our head office, in France, who was certified Top Employer France for the eight year in a row.

Job Description

Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures, End-User Environment, Security and Production. Driven by growth, expertise, transformation and agility, this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground, where you’ll be able to explore a huge tech stack. 

Team presentation:

The SOC means Security Operation Center. Its main goal is to prevent, detect and respond to Cybersecurity Events.

The OTP Team is a part of the SOC Department. It means “Tools, Transformation & Projects”. Our main goal is to Support and Improve the Security Tools on our SOC activities.

OTP Team handles:

• Our Security Information & Event Management tool: Splunk
• Our Security Incident and Response Plateform tool: TheHive
• Our Security Orchestration & Automation Response tool: n8n
• Our Endpoint Detection and Response tool: Trellix HX
• It has also the responsibility to maintain a PRIS environment which is a secure environment outside of the BPCE Group’s Information System that allows our experts to investigate and proceed with forensic work.

And the OTP Team leads also the following security projects:

• Security Log collection
• Security usecases with Machine Learning and Deep learning
• Cloud Security log collection and usecases (AWS, GCP and Azure)
• Usecases with Security Automation

Missions: 

• Participate in the Operators' projects under the guidance of the Project Director and/or Project Manager of BPCE Managed Services and Technologies in the construction and production phases of application evolutions
• Ensure the availability of technical resources
• Analyze and correct incidents in levels 2 and 3
• Actively participate in the production and software development processes in conjunction with Operators Editors and provide operational support to project teams
• Implement technical resolution solutions of incidents. Perform diagnostics to identify causes of malfunction, propose and implement "back-up" fixes and solutions.
• Maintain information system applications in operational condition for quality, productivity and security.
•  Analyze the operational risks and customer impacts of its area of responsibility
• Ensure the management of environments (definition of needs, validation of development and acceptance environments, monitoring)
• Ensure a role of advice, assistance, information, training and early warning in integration (definition of the components of the IS, steering of implementation and guaranteeing the required level of quality).
• Participate in defining usability requirements in their area of responsibility and, where necessary, interface experts in other areas and manage interactions with suppliers.
• Define standards and rules for sound management of operating systems and systematically check their application (IT security, quality, etc.).
• Contribute to reliability, securing and optimising security in its area of responsibility
• Offering innovative solutions to improve the performance of its area of activity
• Ensuring the right level of service quality in line with the requirements of service contracts (SLA) in their area of responsibility

Specificities for integration activities

• Participate in the design and/or choice of solutions (or software package)
• Participate in the production of information system evolutions
• Establish operational preparation files, manufacture or evolve components, test them individually and ensure that the results comply with the technical specifications
• Integrate the solution or the hardware and/or corrective maintenance into the reference system and ensure the availability of the components
• Actively participate in the certification

In addition, for the Packaging activities

• Install a set of components constituting the version, carry out the porting of the versions, assist the teams for the installation and production of the released versions, manage the repository of the platform (object reference and configuration)

In addition, for the approval activities

• Ensure the approval of the various software, perform the acceptance, validation, installation and provision of components, and perform the technical tests and reception.
• Perform delivery of the application (deliverables: documentation, components, etc.).

Specificities for support activities

• To ensure that the IT working environment of users is maintained in operational condition by providing assistance, advice, information and training.
• Actively contribute to continuous improvement by relaying the voice of users to competent technical teams.
• Can contribute to the evolution of the IS by being involved in projects with an impact on the supported work environment.

Job Duties :

• Work on advanced Splunk administration, and development efforts, with a goal towards enhancing/building out the Splunk infrastructure as it relates to system and technical application logs, troubleshooting, reporting, custom queries, dashboards, and security roles administration.
• Support, maintain, and expand Splunk infrastructure in a highly resilient configuration
• Standardized Splunk agent deployment, configuration and maintenance across a variety of platforms
• Troubleshoot Splunk server and agent problems and issues
• Monitor the agent and server infrastructure for capacity planning and optimization
• Automate processes and procedures where applicable
• Research, design, evaluate, recommend and support major hardware and software enhancements
• Design, code and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks

Qualifications

Prefered Certifications:

• Splunk Certified Admin
• Splunk Certified Architect

Qualifications :

• Master Degree or equivalent experience
• Minimum of 3 years of experience with Splunk development/administration, installation, configuration, clustering, monitoring, query design, dashboard design
• Experience with RedHat OS
• Experience with scripting (Python, shell, etc)

Additional Information

At Natixis, we are committed to fostering a working environment where each and every one of our people is treated with dignity and respect and where every voice is heard. Our differences make us collectively stronger and are a source of fulfilment, innovation and performance.

In the framework of its Diversity, Equity & Inclusion policy, Natixis in Portugal has implemented a Blind CV Screening process, with the purpose of reducing hiring bias. A blind CV excludes any personal details which refer to the applicant’s gender, age or ethnicity. When applying for our positions, please submit a blind CV, that is, with no picture, name, gender, age, nationality, ethnicity and address. Your personal statement, work experience, courses and certifications, education, skills and contact information is what matters to us.

#MuchMoreThanJustAJob

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. Start your day having breakfast with the Team and grab fresh fruit on the way to your seat, in one of Porto’s most typical neighborhoods. This Purple Day is going to be a busy one: daily meeting ensuring all team members are on the same page regarding work status, priorities and blockers, language class and, just after, a Talent Management meeting with your manager, discussing your career path. 

Lunch break. Today, your Team is onboarding newcomers, but also welcoming French colleagues: the perfect excuse to walk downtown and bond over a francesinha. When returning, inhale nature and peace of mind in Natixis Urban Garden (look at the crops; ready to harvest!). 

Back inside. Brainstorming session on a new, exciting project in our disruptive and immersive Manaus Village. The afternoon went flying (tasks, meetings, some jokes with your teammates). End it on a high note: celebrating cultural diversity with a Diwali, the Indian festival of lights. 

Tomorrow, you attend a conference led by influential speakers in your industry and, the day after, you will work from home, benefitting from some focus time to complete that report and soft skills course on LinkedIn Learning. Once you are done with your work for the day, strike the right note playing with Natixis band or be part of a board games session. If that is too steady for you, meet your colleagues to catch some waves or sail the Douro river during golden hour.