Match score not available

Splunk Security Engineer

unlimited holidays - extra parental leave - fully flexible

Remote:

Full Remote

Contract:

Full time

Experience:

Senior (5-10 years)

Work from:

Europe

Offer summary

Qualifications:

At least 6+ years of technical experience in cybersecurity., Splunk Architect certification., Deep expertise in Splunk or Sentinel SIEM platform., Knowledge of cloud providers and security solutions., Experience with automation services and endpoint detection..

Key responsabilities:

Impressive work on complex SIEM projects remotely.
Create SIEM use cases following customer specifications.
Generate operational reports and executive dashboards.
Support customers with data collection and security measures.
Assist in internal integration activities and RD across the organization.

bluevoyant Cybersecurity Large https://www.bluevoyant.com/

501 - 1000 Employees

HQ: New York

See more bluevoyant offers

Job description

Splunk Security Engineer

Location: Remote in Europe

Summary:

The Splunk Security Engineer has substantial experience in SIEM platforms and standard marketplace security tools to help identify and reduce environmental threats. They will perform complex Splunk and/or Cribl deployments in customer environments, design activities using various security tools, technologies, and frameworks, and support customers in strategically developing their overall data collection and security tooling.

Responsibilities:

Work on complex SIEM project implementations for various customers in different parts of the world (remotely), including but not limited to deployment and use case development.
Coordinate evidence/data gathering and documentation from various tools and collection methods.
Create and develop new SIEM use cases as per the customer requirements.
Define and assist in creating operational and executive security reports and dashboards.
Participate in R&D activities across different parts of the organization.
Work on internal integration activities as needed.
Maintain familiarity with cybersecurity market trends and capabilities.
Be the customer’s key technical contact.
Supporting the BlueVoyant Sales team as a pre-sales engineer for enterprise opportunities.
Interact with the BlueVoyant Day-2 team and responsible for transitioning customer-managed infrastructure into the BlueVoyant SOC environment.
Deliver to customers security workshops.
Conduct task-driven requests from customers based on a defined ITSM.
Additional Professional Services activities with Splunk and Cribl.
Willingness to obtain additional work-related certifications.

Qualifications:

At least 6+ years of technical experience in the cybersecurity field.
Splunk Architect certification.
Deep expertise with Splunk or Sentinel SIEM platform.
Deep expertise in at least one leading cloud provider (Azure, AWS, or GCP).
Proven experience with Cloud technologies and security solutions.
Development and design experience in automation services.
Hands-on experience in script development.
Advanced knowledge and expertise in using SIEM technologies for event investigation.
Knowledge of SIEM query development for security use cases.
Demonstrated experience in data visualization creation for decision-making.
Customer-facing – excellent communication skills.
Deployment experience in large/complex environments.
Experience with multiple query languages such as KQL, SPL, and SQL.
Advanced experience configuring endpoint detection technology such as Defender, Crowdstrike, or SentinelOne is a plus.
Any security certifications, such as CISSP, CISM, CEH, and SABSA, are a plus.
Proficient in English. Dutch, (French, German, or Spanish is a plus).

About BlueVoyant

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

All employees must be authorized to work in Europe. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Disclaimer: Please note that under contractual requirements and applicable law, European citizenship is required for employees to work on some of the company’s contracts. Accordingly, an employee’s ability to work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice