Staff Security Engineer, Splunk

View full description

Requirements:

• 8+ years in cybersecurity, including 5+ years focused on security monitoring, threat detection, or incident response.
• 3+ years of advanced hands-on experience with Splunk and data lake technologies like Snowflake.
• Bachelor’s degree in Computer Science, Information Security, Data Science, or related field; Master's degree preferred.
• Relevant certifications such as Splunk Certified Architect, Splunk Enterprise Security Certified Admin, Snowflake certifications, CISSP, or GCIH are highly desirable.
• Expertise in Splunk Enterprise, Splunk Enterprise Security (ES), and Splunk SOAR.
• Deep knowledge of data lake architectures (Snowflake, AWS S3, Google BigQuery) and experience integrating these with Splunk.
• Advanced skills in log management, SPL, and SQL; proficiency in scripting languages like Python or PowerShell.

Responsibilities:

• Design and implement a scalable, optimized Splunk architecture integrated with Snowflake and other data lakes for security data analysis.
• Build high-value dashboards, alerts, reports, and visualizations within Splunk and across data lakes for actionable insights.
• Oversee integration and maintenance of security data pipelines between Splunk and data lakes, ensuring data accuracy and accessibility.
• Develop automation solutions within Splunk and data lakes for streamlined threat detection and response workflows.
• Collaborate with Security, IT, and Engineering teams on data ingestion standards and security requirements.
• Ensure compliance of Splunk and data lake processes with requirements such as SOC 2 and ISO 27001, and maintain documentation.