Job Description

Role Overview

This role provides expert-level engineering, design, and hands-on platform ownership for Splunk and modern SIEM solutions. The Senior Security Engineer will lead Splunk platform engineering activities including proposal support, data onboarding, automation, and integration across enterprise systems. The candidate will serve as a subject matter expert across a wide range of security technologies and collaborate closely with internal engineering teams to deliver advanced security capabilities. The Engineer must be up to date with the latest SIEM platforms, including Splunk and Microsoft Azure Sentinel, and have strong architectural expertise. This role is responsible for delivering solutions across the Enterprise Splunk suite (ITSI, UBA, CRIBL), Microsoft Security Solutions, virtualization technologies, and cloud platforms (Azure, AWS, Google Cloud). The successful candidate will design, build, support, and document end-to-end engineering solutions that enhance security posture, improve operational efficiency, and drive business value.
Key Responsibilities
Provide expert, hands-on engineering support for the Splunk platform, including architecture, deployment, optimization, onboarding, and automation.
Lead data onboarding from APIs, databases, and Splunkbase applications with an emphasis on CIM compliance.
Architect, engineer, and support SIEM environments (Splunk Enterprise, Splunk ITSI, UBA, CRIBL, Azure Sentinel).
Partner with Security Engineering, Business teams, and Infrastructure Engineering to deliver scalable security solutions.
Drive technical deliverables, lead project teams, and collaborate with leadership on strategy and solution design.
Ensure solutions enhance productivity, improve detection and monitoring capabilities, and align with organizational goals.
Create and maintain engineering documentation, runbooks, diagrams, and architecture models.
Support modernization efforts, cloud migration initiatives, and advanced monitoring toolsets.
Contribute expertise to security event logging, parsing, enrichment, correlation, and dashboard/alert development.
Technical Requirements

The Senior Engineer is expected to have expert-level knowledge across a broad scope of security technologies, frameworks, tools, and engineering processes.

Required Technical Expertise
Splunk Enterprise Engineering
Advanced Splunk administration & architecture
Expert-level CIM compliance
Advanced dashboarding and alerting
ITSI and UBA experience (highly preferred)
CRIBL expertise (considered a strong asset)
Cloud & Security Engineering
Deep experience with Azure, plus exposure to AWS and Google Cloud
Expertise with Microsoft Security Solutions, including Azure Sentinel
Understanding of security in cloud and highly virtualized environments
Log & Data Engineering
Expert understanding of Windows and/or RHEL/Unix log formats
Strong knowledge of server, network, and security log types
Experience onboarding APIs, databases, and Splunkbase apps
Programming & Automation
Proficient in Python scripting
Understanding of automation workflows and orchestration
Industry Knowledge
Prior experience in a financial services or banking environment (knowledge of financial-sector tools, policies, and procedures is a strong advantage)
Essential Skills
Splunk ITSI and UBA
Virtualization & Cloud Platforms (Azure, Google Cloud, AWS)
Microsoft Security (Sentinel, Defender Suite, etc.)
Desirable Skills
CRIBL
Advanced security monitoring toolsets
Additional cloud and security certifications
Automation or orchestration platform experience
Keywords Digital, Amazon Web Services (AWS), Cloud Computing, Splunk, SIEM, Azure Sentinel, Security Engineering
Experience Required

8–10 years in security engineering, SIEM technologies, or related fields.