1d ago

Principal Splunk Threat Detection & Integration Engineer

US

✨ $160k-$200k / year (est.)

full-time · lead · Remote · cybersecurity

🛠 Tech Stack

💼 About This Role

You'll lead the design and optimization of advanced threat detection capabilities within a Splunk Enterprise Security environment. Your work will strengthen cybersecurity posture through sophisticated detection logic, data integration, and risk-based alerting. This high-impact role offers deep technical ownership in a fast-moving security operations environment.

🎯 What You'll Do

  • Own Splunk ES detection content lifecycle: design, development, validation, tuning.
  • Architect and optimize Risk-Based Alerting (RBA) frameworks and risk scoring models.
  • Design and optimize complex SPL queries for performance and accuracy.
  • Lead cross-domain detection engineering across identity, cloud, network, and endpoint.

📋 Requirements

  • 8+ years in security engineering, SOC/IR, or detection engineering.
  • 5+ years with Splunk Enterprise Security in production environments.
  • Deep expertise in SPL including advanced search optimization and REST API workflows.
  • Proven experience designing Risk-Based Alerting (RBA) models in enterprise environments.

✨ Nice to Have

  • Experience with SOAR platforms and automation.
  • Exposure to threat intelligence feeds and TAXII/STIX.
  • Previous mentorship or team leadership experience.

๐ŸŽ Benefits & Perks

  • ๐Ÿ’ต Competitive salary aligned with senior-level expertise.
  • ๐Ÿ  Fully remote work environment with flexibility.
  • ๐Ÿ” High-impact role with ownership over core detection engineering strategy.
  • ๐Ÿ“ˆ Professional growth including certifications and advanced development.

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

  1. Recruiter Screen · 30 min
  2. Technical Interview · 60 min
  3. Hiring Manager Interview · 45 min