Security Engineer – Detection & Analytics

Warsaw
Full-time | Mid-level | Finance / Investment

Tech Stack

Description

You will build and tune custom threat detection rules in Splunk Enterprise Security, develop dashboards for threat hunting and monitoring, and partner with security operations to integrate detections with SOAR platforms. You'll also design automated data ingestion pipelines and optimize the Splunk platform for high availability and performance.

Requirements

  • 5+ years in technology roles with 3+ years hands-on Splunk Enterprise experience
  • Experience developing correlation searches, alerts, and dashboards in Splunk ES
  • Strong knowledge of log formats, parsing, regex, and data normalization
  • Proficiency in scripting languages (Python, Perl, PowerShell, SQL)
  • Solid understanding of cybersecurity principles and threat detection methodologies

Responsibilities

  • Build, tune, and maintain custom threat detection rules and alerts in Splunk ES
  • Develop Splunk dashboards and applications for threat hunting and security operations monitoring
  • Integrate detections with SOAR platforms for automation and response
  • Analyze, parse, normalize, and enrich security data for reliable detection
  • Design and implement automated data ingestion pipelines for new log sources