Splunk Engineer

Employer: US-based cybersecurity company headquartered in New York City

Location: Remotely from Poland, business trips up to 10% of working time

Rate: 45 - 55 USD per hour + VAT

Working time: 15:00- 23:00 (Polish time) 

Cooperation model: B2B

Start date: ASAP

Recruitment process: 2-3 interviews (screening and two technical interviews about 30 min)

Our Client is a US-based cybersecurity company headquartered in New York City whose mission is to support its clients in mitigating cyber threats. They are focused on three main areas: Cyber Breach Response, Cloud Security Services, and Proactive Cyber Services. Their military-grade professionals have decades of experience in cyber operations and apply their knowledge of the attacker perspective to facilitate efficient, effective, and scalable responses to cyber breaches. Their growing team combines operational and technological disciplines with instinctual methods to keep their client’s information safe.

Your role is to:

-> Set up SIEM and SOAR solutions to ensure they work smoothly with various security tools, systems, and data sources. Perform testing and validation for both SIEM and SOAR; 

-> Design, implement, and maintain scalable Splunk environments, including clustered deployments, to enhance performance and reliability;   

-> Develop detection use cases and implement SIEM detection rules. Create remediation use cases for SOAR; 

-> Plan and execute Splunk migrations to minimise downtime and ensure compliance with organisational standards; 

-> Integrate log sources with SIEM and optimize log ingestion and processing. Conduct threat hunting, enrich data, onboard threat intelligence feeds, and utilize them for automated responses.

Your skills and experiences:

-> At least 3 years of experience in a SOC environment as a Splunk SIEM Engineer, demonstrating proven expertise in managing large-scale Splunk deployments;

-> Basic knowledge of at least one cloud platform (GCP, Azure, AWS);

-> Technical knowledge of Internet security, Network protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behaviour Analysis tools, Anti-malware and packet inspection.;

-> Basic understanding of Windows, Linux, DB, network device monitoring and logging techniques;

-> Basic understanding of host and network security hardening and common security risk management concepts;

-> Strong English skills (C1).

Nice to have:

+ Proficiency in scripting and automation (e.g., Python, PowerShell), developing API integrations with SIEM/SOAR;

+ Familiarity with attack frameworks and knowledge bases, such as the MITRE ATT&CK framework, CAPEC, etc;

+ Experience with leveraging AI assistance in daily security operations;

+ Splunk certifications (e.g., Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin);

Our client offers:

+ A possibility to join a team of security consultants investigating computer crimes and breaches that make the headlines – and many more that don’t;

+ Great opportunity for personal development in a stable and friendly multinational company;

+ Competitive salary;

+ Remote work together with participation in global projects;

+ A possibility of growing your craft alongside like-minded professionals

If interested, please apply safely through this portal (application rules are in accordance with GDPR). Employment agency Nr 17138.