Splunk Engineer
Winged IT
Winged IT is one of the fastest-growing companies in Poland, specializing in recruiting and delivering top-tier IT professionals. We support global organizations in building technology teams across sectors such as Software Development, FinTech, AI, Cybersecurity, Gaming, Pharma, and Logistics. Additionally, we have extensive experience in establishing Polish branches for international companies—offering comprehensive support to help our clients successfully enter the Polish market and drive their business growth.
Tech stack
SoC
Azure
GCP
IT Security
Job description
Employer: US-based cybersecurity company headquartered in New York City
Location: Remotely from Poland, business trips up to 10% of working time
Rate: 45 - 55 USD per hour + VAT
Working time: 15:00- 23:00 (Polish time)
Cooperation model: B2B
Start date: ASAP
Recruitment process: 2-3 interviews (screening and two technical interviews about 30 min)
Our Client is a US-based cybersecurity company headquartered in New York City whose mission is to support its clients in mitigating cyber threats. They are focused on three main areas: Cyber Breach Response, Cloud Security Services, and Proactive Cyber Services. Their military-grade professionals have decades of experience in cyber operations and apply their knowledge of the attacker perspective to facilitate efficient, effective, and scalable responses to cyber breaches. Their growing team combines operational and technological disciplines with instinctual methods to keep their client’s information safe.
Your role is to:
-> Set up SIEM and SOAR solutions to ensure they work smoothly with various security tools, systems, and data sources. Perform testing and validation for both SIEM and SOAR;
-> Design, implement, and maintain scalable Splunk environments, including clustered deployments, to enhance performance and reliability;
-> Develop detection use cases and implement SIEM detection rules. Create remediation use cases for SOAR;
-> Plan and execute Splunk migrations to minimise downtime and ensure compliance with organisational standards;
-> Integrate log sources with SIEM and optimize log ingestion and processing. Conduct threat hunting, enrich data, onboard threat intelligence feeds, and utilize them for automated responses.
Your skills and experiences:
-> At least 3 years of experience in a SOC environment as a Splunk SIEM Engineer, demonstrating proven expertise in managing large-scale Splunk deployments;
-> Basic knowledge of at least one cloud platform (GCP, Azure, AWS);
-> Technical knowledge of Internet security, Network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behaviour Analysis tools, Anti-malware and packet inspection.;
-> Basic understanding of Windows, Linux, DB, network device monitoring and logging techniques;
-> Basic understanding of host and network security hardening and common security risk management concepts;
-> Strong English skills (C1).
Nice to have:
+ Proficiency in scripting and automation (e.g., Python, PowerShell), developing API integrations with SIEM/SOAR;
+ Familiarity with attack frameworks and knowledge bases, such as the MITRE ATT&CK framework, CAPEC, etc;
+ Experience with leveraging AI assistance in daily security operations;
+ Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin);
Our client offers:
+ A possibility to join a team of security consultants investigating computer crimes and breaches that make the headlines – and many more that don’t;
+ Great opportunity for personal development in a stable and friendly multinational company;
+ Competitive salary;
+ Remote work together with participation in global projects;
+ A possibility of growing your craft alongside like-minded professionals
If interested, please apply safely through this portal (application rules are in accordance with GDPR). Employment agency Nr 17138.
Check similar offers
