Splunk SIEM Engineer

We are currently seeking a skilled Splunk SIEM Engineer to lead the setup and configuration of SIEM functionality within our existing Splunk SIEM instance at ICS. This role is pivotal in strengthening our security monitoring capabilities and ensuring robust threat detection and response across the enterprise.

Key Responsibilities:

• Configure and optimize Splunk SIEM components including indexers, search heads, and log forwarders.

• Integrate diverse log sources and security tools (e.g., firewalls, proxies, IDS/IPS, WAF) into the SIEM environment.

• Develop and implement custom use cases, dashboards, alerts, and reports tailored to ICS security requirements.

• Collaborate with IT and security teams to ensure seamless integration and data flow.

• Conduct architecture reviews and ensure compliance with ICS security standards.

• Provide operational support and incident response for Splunk systems.

• Document engineering patterns and configuration standards for future reference.

  
  

Qualifications:

• Proven experience in Splunk SIEM setup, configuration, and administration.

• Strong understanding of security operations, threat detection, and incident response.

• Familiarity with enterprise log source configuration and content creation.

• Background in IT or Information Security; certifications such as CISSP, GCTI, or CTIA are a plus.

• Excellent communication and collaboration skills.

  
  

Benefits:

• Medicover healthcare package

• Multisport card

• Access to an e-learning platform

• Group life insurance