Splunk points to ‘new’ IT engineering roles

Splunk closed its 2016 .conf user, customer, partner event this week with some interesting comments pointing to the rise of a ‘new’ breed of  technology engineering roles.

Given the prevalence (and, let’s face it, the level of media discussion) surrounding DevOps and the need for Continuous Delivery (DC) and Continuous Integration (CI) in what we consider to be Agile (with a caps A) working software application development environments, we can point to the importance of ‘new’ roles including:

  • Release Manager
  •  Automation Engineer
  • Orchestration Engineer

It’s true, none of these roles are actually ‘new’ and in particular we know that release management is already a defined discipline. But while a search of the actual term ‘automation engineer’ today will most directly throw up job postings in robotics and machinery specialists in food processing plants, this will soon change as more software engineers train in specific automation and orchestration roles.

With the firm’s focus on machine data in real time operations management, Splunk is keen to explain how ‘data events’ will now be more closely tracked, more proactively managed and more directly automated and orchestrated into the complete IT systems used by firms in all verticals. This then (arguably) provides some validation for the prevalence of the above mentioned job designations.

 Splunk partners

Splunk also spent a good deal of time showcasing its work with partners. As already reported on Computer Weekly, we know that Splunk has worked with a number of partners directly to expand the Adaptive Response Initiative.

Partners including Cisco, Okta, Proofpoint and Qualys have all joined to help, “Leverage end-to-end context and automated response [controlled, obviously, by automation engineers] to help organisations better combat advanced attacks through a unified defence.”

In terms of partner sessions at the show itself, particular mention must go to Scott Stables in his role as chief technologist at Booz Allen Hamilton.

According to the show collateral, “Booz Allen and Splunk have partnered to deliver a solution to improve operations by incorporating cyber risk into a single pane dashboard. This solution will allow operators and engineers to assess, track and manage ever changing cyber risks associated with their industrial control systems.Booz Allen and Splunk experts demonstrate how to work with technical indicators, vulnerabilities and improve operations.”

One of the only firms putting out formal press messages to support Splunk at .conf 2016 this year was Anomali who also joined Splunk’s Adaptive Response Initiative.

The firm is known for its ThreatStream threat intelligence software for Security Operations Centres (SOCs).

“Customers can leverage Anomali within the Adaptive Response framework in Splunk ES to aggregate, prioritise and manage more than 100 million indicators of compromise to reduce their overall risk posture,” said Asad Baheri, Asad Baheri, Director of Business Development, Anomali.

Also on the partner floor was Demisto with its Demisto Enterprise software. Described as the industry’s first Bot-powered security ChatOps platform to automate and streamline security operations and incident management processes.

NOTE: According to pagerduty.com “ChatOps, a term widely credited to GitHub, is all about conversation-driven development. By bringing your tools into your conversations and using a chat bot modified to work with key plugins and scripts, teams can automate tasks and collaborate, working better, cheaper and faster.”

Demisto explains that security analysts can its technology to scale their time and effort during critical incident investigation stages while sharing knowledge and working collaboratively for faster resolution.

Finally a note again to Splunk… surely the best industry geek t-shirt ever produced (see below).