Splunk Engineers are responsible for designing and architecting Splunk Enterprise and Cloud environments. They develop detection and monitoring use cases, integrate Splunk with various data sources, build dashboards, and collaborate with teams on automated response workflows.
Key Responsibilities
* Design high-availability and distributed Splunk environments to ensure seamless performance.
* Develop detection and monitoring use cases aligned with frameworks like MITRE ATT&CK, enabling effective threat detection.
* Integrate Splunk with endpoint, network, cloud, and identity platforms to provide comprehensive visibility.
* Build and optimize dashboards, correlation searches, and alerts for Security Operations Center (SOC) and threat detection teams.
Ideal candidates have hands-on experience with Splunk Enterprise Security, Splunk Cloud, and Splunk SOAR. Familiarity with security frameworks and an understanding of SIEM/SOAR integration are beneficial.