• Minimum of 5 years’ experience within Cybersecurity and SIEM technologies, with at least three years of direct Splunk application development (not just maintenance)
• Familiarity with log parsing, data models and how they relate to SIEMs, and Splunk, specifically.
• Familiarity with scripting/programming languages. Strong Python skills preferred.
• Working knowledge of developing applications in a DevOps or DevSecOps environment.
• Must have experience with Azure
• Ability to mentor team members

Job Description:
The Cybersecurity SIEM Engineer will design, implement, and operate a Splunk SaaS SIEM within the Logging and Detection Engineering team, while also integrating other technologies and platforms.
Role & Responsibilities

• Develops custom Splunk applications to support other SOC-related teams within the department.
• Writes custom detections to detect and alert on threat actor activity.
• Writes custom Python code to integrate applications with cloud technologies such as Event Hubs.
• Integrates other Splunk and non-Splunk environments into a global SIEM.
• Creates the roadmap for addressing logging gaps, maturity improvements and innovation.
• Works with Enterprise Monitoring team to seamlessly integrate platforms.

Required:

• Minimum of 5 years’ experience with SIEM technologies, with at least three years of direct Splunk application development
• Familiarity with log parsing, data models and how they relate to SIEMs, and Splunk, specifically.
• Familiarity with scripting/programming languages. Strong Python skills preferred.
• Working knowledge of developing applications in a DevOps or DevSecOps environment.
• Good working knowledge of authentication protocols such as Kerberos, SAML, and OAUTH.
• Hands-on proficiency with Microsoft Windows and GNU/Linux.
• Strong understanding of cloud computing, web technologies, and networking protocols.
• Scheduling flexibility to meet the needs of the business including evenings, weekends, and holidays.

Recommended:

• Ability to train and mentor other Splunk users with a positive attitude.
• One or more Splunk certifications.
• One or more SANS certifications.
• Customer-first and team-oriented mindset.
• Strong attention to detail.