Be an early applicantLess than 25 applicants

Company

BlueVoyant · 6 hours ago

Sr. Security Engineer - Splunk Enterprise Security

United States

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

Maximize your interview chances

Cyber SecurityNetwork Security

Actively Hiring

No H1B

U.S. Citizen Only

Hiring Manager

Kathe Kanwal Bist (formerly Yamagata)

Insider Connection @BlueVoyant

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Work on Splunk Enterprise and Splunk Cloud project implementations for customers (remotely), starting with design and architecture, deployment and use case tune-up.

Participate in the development of SIEM customizations to meet the customer requirements for enhancing MDR services.

Create and develop new detection, automation and reporting use cases per customer requirements.

Assess and report maturity of client SIEM and MDR deployments.

Define and assist in the creation of operational and executive security reports and dashboards.

As needed, assist with multi-SIEM environments that include Splunk, Microsoft Sentinel, and Azure technologies.

Work on MDR integration activities across the Splunk, Cribl and Microsoft Sentinel product stacks.

Be a strategic and lead technical delivery resource within a team for large and enterprise client-facing projects.

Act as a lead on the Deployment Engineering team and provide mentoring for other mid and junior level engineers.

Participate in ongoing support activities for client facing environments to help mature and maintain our MDR practices.

Identify and implement improvements around process and technical enablement.

Contribute to knowledge sharing activities, such as internal documentation, lunch and learns, public facing blogs, etc.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Splunk EnterpriseSplunk CloudSplunk Enterprise SecuritySplunk Search Process Language (SPL)SIEM technologiesMDR technologiesSQLBash scriptingPowerShellSKQLCloud technologiesAzureAWSGCPPythonRegExLinuxWindowsADRsyslogSyslog-ng

Required

At least 8 years of technical experience with enabling security technologies.

Strong experience with Splunk Enterprise and Splunk Cloud management and configuration.

Advanced experience in Splunk Enterprise Security premium app configuration and management.

Strong experience in Splunk Search Process Language (SPL)

Knowledge and familiarity of enterprise IT systems in relation to cyber security and log management.

Hands-on engineering experience with SIEM and MDR technologies.

Excellent communication skills to work in a dynamic and fast-paced team environment.

US Citizenship required

Preferred

Strong experience in additional query languages and/or script development such as SQL, Bash PowerShell, SKQL, etc.

Experienced and comfortable in customer facing roles

Expertise in Cloud technologies such as Azure, AWS, or GCP.

Expertise in understanding of Incident investigation and response skill sets.

Proficient in Python, bash scripting, and/or RegEx.

Proficient with navigating and supporting Linux & Windows hosts; AWS, Azure and GCP hosted infrastructure; AD, Rsyslog/Syslog-ng and other related technologies.