Senior Cyber Security Engineer

100% Remote position

Candidates should take the time to read all the elements of this job advert carefully Please make your application promptly.

Job Description :

Daily Responsibilities :

• As a security engineer, the ideal candidate is expected to :
• Plan, design, engineer, and implement security-related technologies.
• Identify and communicate opportunities to enhance the security posture of the client.
• Build and / or manage enterprise security platforms effectively (mainly Splunk and SOAR).
• Communicate effectively across all levels of management to articulate client security goals and vision.

Splunk Focused Responsibilities :

• Design and Architecture :
• Lead the design, deployment, and maintenance of Splunk infrastructure across multiple environments.
• Develop and implement best practices for scaling and optimizing Splunk deployments.
• Architect complex Splunk solutions tailored to the organization's needs, ensuring data integrity and optimal performance.

Data Ingestion and Management :

• Integrate and ingest data from various sources (applications, network devices, security tools) into Splunk, ensuring data normalization and enrichment.
• Create and manage data models, field extractions, lookups, and accelerations.

Dashboard and Alerting :

• Design, develop, and maintain custom dashboards, reports, and alerts for different stakeholders (IT, Security, Compliance).
• Implement real-time monitoring and alerting solutions to detect and respond to critical incidents.

Security and Compliance :

• Work closely with the Security Operations Center (SOC) to support security monitoring, threat detection, and incident response efforts.
• Ensure Splunk deployments meet compliance requirements and are aligned with industry standards (e.g., PCI, HIPAA, GDPR).

Collaboration and Support :

• Collaborate with cross-functional teams (developers, network engineers, security analysts) to ensure seamless integration of Splunk with other systems.
• Provide mentoring and training to junior Splunk engineers and other IT staff.
• Troubleshoot and resolve complex Splunk-related issues, ensuring minimal downtime and service disruption.

Automation and Scripting :

• Develop scripts and automation tools to streamline Splunk administration, data ingestion, and reporting tasks.
• Utilize Splunk's REST API for advanced integrations and custom solutions.

Documentation and Reporting :

• Maintain detailed documentation of Splunk architecture, configurations, processes, and procedures.
• Generate periodic reports on Splunk performance, usage, and incidents for management review.

Minimum Requirements :

• A minimum of 5+ years of hands-on experience in building, designing, and maintaining enterprise security tools such as SIEM and SOAR.
• Minimum of 5 years of experience working with Splunk in a large-scale environment.
• Proven experience in designing and managing Splunk Enterprise and Splunk Cloud.
• 5+ years of successfully implementing advanced cybersecurity technology in a complex environment.
• Bachelor's degree in computer science, engineering, or other related discipline, or 5+ years of previous technical security experience.
• Strong knowledge of Splunk SPL (Search Processing Language) and regular expressions.
• Experience with cloud platforms (AWS, Azure, GCP) and their integration with Splunk.
• Hands-on technical experience with networking and computing system architectures, specifically the security aspects thereof.
• Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews.
• Must have 5+ years of scripting experience (using Python or other equivalent languages).

J-18808-Ljbffr