Lead Cybersecurity Analyst - Security Operations at IDEMIA
Remote, Oregon, USA
Full Time


Start Date

Immediate

Expiry Date

07 Aug, 25

Salary

0.0

Posted On

08 May, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Analytical Skills, Log Management, Splunk, Computer Science, Scripting Languages, Security+, Information Technology, Power User, Security Operations, Cissp, Powershell, Bash, Python

Industry

Information Technology/IT

Description

QUALIFICATIONS:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
  • 3+ years of experience in security operations or cybersecurity roles.
  • 2+ years of hands-on experience with Splunk, including engineering and administration.
  • Strong understanding of SIEM technologies, log management, and security analytics.
  • Hands-on experience conducting incident response investigations and related activities.
  • Experience with scripting languages such as Python, PowerShell, or Bash is a plus.
  • Familiarity with MITRE ATT&CK framework and threat intelligence concepts.
  • Security certifications such as Splunk Certified Power User, Splunk Certified Admin, CISSP, CEH, or Security+ are a plus.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • Excellent problem-solving, communication, and analytical skills.
Responsibilities

RESPONSIBILITIES:

Position Summary: We are seeking a highly skilled and detail-oriented Information Security Engineer with expertise in security operations and Splunk engineering to join our cybersecurity team. This role is integral in supporting and enhancing our security operations through the development, implementation, and management of Splunk dashboards, alerts, and security monitoring solutions. The ideal candidate will have a strong background in security information and event management (SIEM), incident response, and data analysis.

PRIMARY RESPONSIBILITIES:

  • Analyze security event data to identify potential threats and vulnerabilities.
  • Triage, investigate, and respond to alerts and security incidents, coordinating with internal teams and external stakeholders.
  • Develop and implement incident response plans, procedures, and playbooks.
  • Act as the lead for incident response activities, coordinating with the company’s Managed Security Service Provider and additional incident response forensics resources, as appropriate.
  • Contribute to detection efforts by assisting in creating or requesting new detections, as well as tuning existing detections.
  • Design, implement, and manage Splunk dashboards, reports, and alerts for security monitoring and incident response.
  • Optimize Splunk data ingestion strategies.
  • Develop and maintain correlation rules, custom queries, and use cases to improve threat detection capabilities.
  • Maintain a strong understanding of Splunk best practices and continuously improve query performance and reporting quality.
  • Support compliance initiatives by generating reports and audits using Splunk.
  • Provide technical guidance and support for Splunk integrations and configurations.
  • Stay current with emerging security threats, vulnerabilities, and technology trends.