Security Engineer (Splunk)
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.
CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
We are seeking a skilled and experienced Security Engineer to join our onboarding team.
This position will assist with the configuration of use cases, and will maintain, manage, and optimize those use cases to ensure the rules remain effective and threat detection capabilities are maintained.
What will you be doing?
- Create SIEM security analytics rules and queries
- Data source validation and health analysis
- Create dashboards, workbooks, and visualizations
- Provide hypercare support for use case fine tuning and adjustments
- Minimum 3 years of hands-on experience leading technical configurations and integrations for Splunk, ArcSight and Sentinel
- 2+ years of experience creating and optimizing use cases in Azure Sentinel, Splunk, and ArcSight
- Proven experience leading technical use case migration activities
- 2+ years of experience in data source validation and health analysis
- 2+ years of experience defining technical dependencies and requirements, Splunk Attack Range, and integration of core alerts in Splunk ES
- 2+ years of experience defining data collection, filtering and parsing requirements
- 2+ years of experience creating and documenting solution designs (HLD and LLD)
- Experience in creating new parsers and optimization of data connectors (where applicable)
- Test and validate effectiveness of security analytics rules and queries
- Establish Azure DevOps CI/CD pipelines and Git repo
- Working understanding of the tools and processes of a Security Operations Center. It is preferred that the candidate have at least 2 years working in a SOC, but this can be substituted with 5 or more years as a Solutions Architect in an MSSP or similar capacity.
- Working understanding of the MITRE Framework.
- Excellent English communication skills, both oral and written.