Splunk Cyber Security Solutions Engineer

BCforward · Morrisville, NC
Posted 412d ago · $104,000 - $110,885 · Remote

About The Position

The Splunk Cyber Security Solutions Engineer is responsible for tuning and configuring Splunk Core and Splunk Enterprise Security services. This role involves developing use cases with CISO end users, assisting in the development of advanced security use cases, and participating in the design and implementation of technology solutions to support a Continuous Monitoring Program. The engineer will also provide training and workshops for CISO teams and support incident investigations and systems maintenance during off-hours and weekends.

Requirements

  • Extensive experience (5+ years) in information security operations or related IT functions.
  • Bachelor's Degree in Computer Science, Information Technology, or Information Security (Master's preferred).
  • Strong communication and collaboration skills, both oral and written.
  • Understanding of network protocols, operating systems, applications, and device event telemetry.

Nice To Haves

  • Experience with SaaS- or cloud-hosted Splunk implementations (e.g., Splunk Cloud).
  • Understanding of network defense tools (firewall, IPS/IDS, WAF/CDN, etc.).
  • Familiarity with endpoint defense tools (EDR, anti-malware).

Responsibilities

  • Tune and configure Splunk Core and Splunk Enterprise Security services.
  • Develop actionable alerts and workflows for Splunk as a SIEM tool.
  • Create and implement apps and knowledge objects like dashboards, reports, and data models.
  • Collaborate with the Splunk Architect/Admin to promote private knowledge objects to global knowledge objects.
  • Assist and train the CISO Splunk Engineering team on data lifecycle support.
  • Host workshops for CISO teams and analysts on searching and content development.
  • Develop automation to improve efficiency of CISO workflows using Splunk.
  • Create advanced security use cases in Splunk.
  • Develop risk rules and risk incident rules to alert on significant cyber events.
  • Create custom dashboards for Risk Based Alerting (RBA).
  • Configure incident response and remediation workflows for notable events.
  • Develop custom machine learning models for anomaly detection in alerting.
  • Work with stakeholders to implement and maintain event logging from various systems.

Benefits

  • Major medical insurance
  • Health Savings Account (HSA)
  • Dental insurance
  • Vision insurance
  • Employer-provided group life insurance
  • Voluntary life insurance
  • Short-term disability
  • Long-term disability
  • 401k


What This Job Offers

  • Job Type: Full-time
  • Career Level: Mid Level
  • Industry: Professional, Scientific, and Technical Services
  • Education Level: Bachelor's degree
  • Number of Employees: 5,001-10,000 employees

© 2024 Teal Labs, Inc