Job description

Archetype: Splunk Engineer with Enterprise Security
Duration: 6+ months, possible extensions
Remote role, 40 hours per week
US-based resources, preferably US citizens or green card holders (GC)
Experience level: 8+ years

Splunk Enterprise Security Engineer

Role Overview
We are seeking an experienced Splunk Engineer specializing in Splunk Enterprise Security (ES) to administer, manage, and optimize our Splunk operations. The ideal candidate will be responsible for configuring, monitoring, and maintaining Splunk ES to support our security operations, working closely with Security Analysts to ensure effective threat detection and response. This role requires technical Splunk expertise and security operations collaboration to ensure effective threat detection and response.

Requirements:
Configure, customize, and maintain Splunk Enterprise Security to meet organizational security monitoring needs.
Develop, tune, and monitor security alerts, correlation searches, and dashboards within Splunk ES.
Implement and manage use cases, data models, and risk-based alerting frameworks.
Work closely with Security Analysts to triage, investigate, and respond to security alerts generated by Splunk ES.

8+ years of experience as a Splunk/security engineer with hands-on expertise in Splunk Enterprise Security, preferably in a SOC or similar environment.
Strong ability to configure, run, and monitor alerts within Splunk ES; familiarity with security data sources, log formats, and SIEM integration.
Splunk certifications (e.g., Splunk Certified Admin, Splunk Enterprise Security Certified Admin) are a plus, as is knowledge of security frameworks, compliance requirements, and threat intelligence integration.
Scripting skills (Python, Bash, etc.) for automation and customization; experience in large-scale or multi-site Splunk deployments.