Building the next generation of Security Ninjas - ECS is full on with Splunk

A leading Splunk partner in the UK, ECS is providing full spectrum capabilities across the IT landscape. They support some of the largest and most heavily regulated businesses with tailored IT consultancy and services that deliver transformation, cost reduction and operational effectiveness; alongside working with companies embracing the fast-moving digital revolution.

Their vision is to create value and success for their customers by harnessing knowledge, ideas and innovation from their community of dedicated and highly skilled professionals.

We interviewed Harry McLaren, Senior Security Consultant and now also the Splunk Enablement Lead within ECS.

What is the current challenge that ECS and your peers in the industry face when it comes to security?

Harry: Finding the next generation of talent is challenging, and we constantly need a flow of skilled graduates to meet the growing demand we see from the industry to help us deliver customer success. We started working with Splunk several years ago, with just three consultants. Today we are at about 20 and we want to grow that number to 40 by the end of the year. That’s just in our delivery business unit. We also run several Security Operations Centers (SOCs) in the UK and we have another 60 people in that team as of today. We need to ensure that the graduates we hire get a broad range of experience as soon as possible. Splunk is a great place to start since it touches so many different data sources and systems and can provide deep insight into how complex environments work together.

What kind of graduates are you looking for?

Harry: We’ve traditionally focused on graduates who hold a computer security degree. However, as we are moving into more domains with Splunk - like IT operations and business analytics - we are now looking more broadly at any computing or technical degree.

How are you reaching out to the graduates? I heard about some joint activities with Edinburgh Napier University?

Harry: We recently started running ECS Splunk Hackathons with graduates who are in their 3rd year of study or above. Over the course of six hours (don’t worry, we give them pizza and beer to keep them going!) we provide them with data sets under different scenarios and see what they can come up with. They are exploring security operations data (firewalls, proxy servers) IT operations data (system performance, account lockouts) and business data (sales figures, purchasing errors). The hackathons have several benefits. They help us to identify great candidates and highlight our brand with the students. And the students also benefit from exposure to experts and real-world scenarios. Plus, it helps to get them excited about the possibilities of working with a technology like Splunk.

You’re also the co-leader of the Edinburgh Splunk User Group - Where can someone learn more about it?

Harry: I’m glad you asked. We’ve already run several user groups in Edinburgh where we’ve covered a wide range topics including dashboarding, universal vs. heavy forwarders, ITSI, use case development, security and Splunk best practices. We are publishing the dates on the user group page for Edinburgh as we schedule them. I recommend everyone in the Edinburgh area signs up, that way you’ll get a notification when the next one comes up so you can't miss them.

#####

Harry, thanks a lot for the interview and the work you do every day to help graduates built their careers and organizations to be successful with Splunk.

Happy Splunking,

Matthias