Security Engineer - Splunk

Job description

We are looking for a Security Engineer to join the Enterprise Security team within the overall Security organization at Recorded Future. This individual will be primarily responsible for maintaining and uplifting the security stack utilized by the security team, with emphasis on a Splunk environment. The individual should also be comfortable developing creative solutions to engineering-related problems in order to best equip the security team to manage enterprise-wide security of Recorded Future.

What You'll Do:

• Deploy, configure, and maintain the Splunk environment to help the internal security team effectively manage security threats and risks
• Work cross-functionally to support other tech stack owners in the configuration and maintenance of security-centric tools (e.g. ELK, IAM tools, DLP technologies)
• Architect, build, and expand on existing solutions to solve challenging problems
• Develop dashboards, design data models, and deliver analysis of security logs in order to ensure the security of the Recorded Future enterprise

What You'll Bring:

• 3+ years of experience with deployment, configuration and troubleshooting of SIEM appliances, (Splunk)
• Experience operating within a CSIRT or SOC environment
• Experience with Cribl is a Plus
• Hands-on ability to manage distributed Splunk cluster infrastructure and all related components
This is an excerpt. Read the full job description on Recorded Future careers →