Remote in the United States, MD, USA
86 days ago
Sr. Security Engineer - Splunk Enterprise Security
Sr. Security Engineer - Splunk Enterprise Security Location: Remote in the United States US Citizenship required BlueVoyant is currently seeking an experienced Senior Security Engineer to join our Splunk Deployment Engineering Team. In this role you will utilize your advanced knowledge of Splunk security, SIEM platforms and related technologies. You will act as a lead engineer on large and enterprise sized SIEM projects to enable our Splunk MDR offerings within customer environments and clouds; involving hands-on deployment of a comprehensive range of SIEM based security solutions and technologies. Additionally, you may participate in Microsoft Sentinel deployments, ensuring cross-training and knowledge sharing within multi-SIEM environments. Responsibilities: + Work on Splunk Enterprise and Splunk Cloud project implementations for customers (remotely), starting with design and architecture, deployment and use case tune-up.  + Participate in the development of SIEM customizations to meet the customer requirements for enhancing MDR services. + Create and develop new detection, automation and reporting use cases per customer requirements.  + Assess and report maturity of client SIEM and MDR deployments. + Define and assist in the creation of operational and executive security reports and dashboards.  + As needed, assist with multi-SIEM environments that include Splunk, Microsoft Sentinel, and Azure technologies. + Work on MDR integration activities across the Splunk, Cribl and Microsoft Sentinel product stacks. + Be a strategic and lead technical delivery resource within a team for large and enterprise client-facing projects.   + Act as a lead on the Deployment Engineering team and provide mentoring for other mid and junior level engineers. + Participate in ongoing support activities for client facing environments to help mature and maintain our MDR practices.  + Identify and implement improvements around process and technical enablement.  + Contribute to knowledge sharing activities, such as internal documentation, lunch and learns, public facing blogs, etc.   Qualifications: + At least 8 years of technical experience with enabling security technologies. + Strong experience with Splunk Enterprise and Splunk Cloud management and configuration. + Advanced experience in Splunk Enterprise Security premium app configuration and management. + Strong experience in Splunk Search Process Language (SPL) + Knowledge and familiarity of enterprise IT systems in relation to cyber security and log management. + Hands-on engineering experience with SIEM and MDR technologies. + Excellent communication skills to work in a dynamic and fast-paced team environment. Preferred Competencies:  + Strong experience in additional query languages and/or script development such as SQL, Bash PowerShell, SKQL, etc.   + Experienced and comfortable in customer facing roles + Expertise in Cloud technologies such as Azure, AWS, or GCP. + Expertise in understanding of Incident investigation and response skill sets. + Proficient in Python, bash scripting, and/or RegEx. + Proficient with navigating and supporting Linux & Windows hosts; AWS, Azure and GCP hosted infrastructure; AD, Rsyslog/Syslog-ng and other related technologies. About BlueVoyant At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability! Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies. Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America. All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting. BlueVoyant Candidate Privacy Notice To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice Powered by JazzHR
Confirm your E-mail: Send Email