You will architect and own the implementation of complex Splunk solutions to deliver actionable security insights.
Responsibilities
Build and update custom detection rules, integrating them with third-party tools such as Splunk Behavioral Analytics in a Risk-Based Alerting (RBA) format.
Design and implement specialized Splunk solutions, specifically Splunk Enterprise Security (ES), to surface use cases.
Design and build workflows for pre- and post-ticket automation using Splunk SOAR and related tools.
Create executive and engineer dashboards to demonstrate security detection readiness.
Conduct regular health checks and performance tuning across the Splunk environment to optimize latency and resource use.
Required Skills
5+ years of progressive experience with the Splunk platform, including at least 1 year in dedicated detection engineering.
Proficiency in scripting languages, specifically Python and Bash, for automation and API integration.
Hands-on experience deploying and managing Splunk in AWS, Azure, or GCP environments.
Deep technical knowledge of Splunk components: Deployment Servers, Data Collection Nodes, intermediary forwarders, DB Connect, Universal Forwarders (Linux, Solaris, Windows, Mac), and rsyslog collectors.
Experience with data processing pipelines, including ingest/edge processors.
Familiarity with Splunk SOAR.
Ability to articulate complex technical concepts clearly to both technical and business audiences.