Splunk Security Engineer
We are seeking a highly skilled Splunk Security Engineer to join our team. This role will play a crucial part in designing, implementing and managing our security infrastructure.
Job Summary
This position offers an exciting opportunity to work with cutting-edge technologies, particularly focusing on Splunk and Azure Sentinel.
* Design, implement and manage security infrastructure using Splunk solutions.
* Collaborate with the incident response team to analyse and respond to security incidents.
* Develop and maintain robust security monitoring solutions using Splunk.
* Conduct proactive threat hunting exercises using Splunk queries and other tools.
* Collaborate with cross-functional teams to enhance overall security posture.
* Provide training to staff on the effective use of Splunk and related security tools.
Key Responsibilities
Splunk Deployment and Configuration: Lead the deployment, configuration and optimisation of Splunk solutions to ensure effective log management and SIEM operations.
Security Incident Response: Collaborate with the incident response team to analyse and respond to security incidents, utilising Splunk as a primary tool for investigation and analysis.
Security Monitoring: Develop and maintain robust security monitoring solutions using Splunk to detect and respond to security threats proactively.
Threat Hunting: Conduct proactive threat hunting exercises using Splunk queries and other tools to identify potential security risks and vulnerabilities.
Documentation: Create and maintain comprehensive documentation related to Splunk configurations, security procedures and incident response processes.
Qualifications
Requirements:
* Proven experience with maintenance and deployment of Splunk Core and Enterprise Security.
* In-depth knowledge of Splunk architecture, searches, dashboards and alerts.
* 2+ years of professional experience in Security/IT/System/Network Administration and Engineering.
* Experience with the implementation and operation of any of the following security solutions: SIEM, DLP, Firewalls, WAF, VPN, EDR, IPS/IDS, Email Gateway, etc.
* Knowledge of cloud architecture and security (AWS, Azure) is desired.
* Strong understanding of cybersecurity principles and best practices.
* Excellent analytical and problem-solving skills.
* Degree in Computer Science, Information Security, or a related field.
* Certifications such as Splunk Core/Cloud Admin are a plus.
Estimated Salary: $120,000 - $180,000 per year, depending on experience and qualifications.