Security Engineer - Splunk

Job Requisition ID: 36339 

• Analyze, Visualize, Protect – Elevate Cybersecurity with Splunk
• Unlock the Power of Data – Join Us as a Security Splunk Engineer
• CulturalFlex to observe your cultural and religious days of significance

About the role

We are looking for an experienced and highly skilled Senior Splunk Engineer to join our Security Operations Centre (SOC) at the managerial level. This role is pivotal in enhancing our security monitoring and incident response capabilities through the effective use of Splunk. The ideal candidate will have extensive experience in cybersecurity and a deep understanding of Splunk’s ecosystem, including its integration with other security tools. You will be working as part of a wider engineering team that manages multiple security tools across client environments.

About the team

A Splunk Engineer will be a part of the SOC team and will play a key role in utilizing the Splunk platform to manage, analyze, and optimize security data for enhanced visibility and defense. Here’s an overview of their main responsibilities:

Key Responsibilities

• Splunk Management: Oversee the design, implementation, and maintenance of Splunk infrastructure.
• Security Monitoring: Develop and optimise Splunk searches, alerts, and dashboards to enhance security monitoring.
• Incident Response: Collaborate with SOC analysts to investigate and respond to security incidents using Splunk.
• Data Integration: Integrate various data sources into Splunk to provide comprehensive security visibility.
• Performance Tuning: Ensure the performance and scalability of Splunk deployments.
• Team Leadership: Mentor and guide junior engineers and analysts within the SOC.
• Stakeholder Collaboration: Work closely with other teams and stakeholders to understand their needs and deliver effective Splunk solutions.
• Reporting and Documentation: Maintain detailed documentation and reporting on all Splunk-related activities.

Required Skills

1. Extensive Splunk Experience: Proven experience with Splunk Enterprise, including architecture, deployment, and administration.
2. Security Knowledge: Deep understanding of cybersecurity principles, threat detection, and incident response. Knowledge of frameworks such as MITRE.
3. Search Processing Language (SPL): Proficient in writing complex SPL queries, reports, and dashboards.
4. Data Onboarding: Experience with data onboarding, normalisation, and parsing within Splunk.
5. Problem-Solving Skills: Strong analytical and problem-solving abilities.
6. Performance Optimisation: Experience in tuning and optimising Splunk performance.
7. Communication Skills: Excellent verbal and written communication skills for interacting with technical and non-technical stakeholders.
8. Project Management: Ability to manage multiple projects concurrently with a high level of organisation.
9. Team Collaboration: Proven ability to work effectively in a team and lead initiatives.

Desirable Skills

• Certifications: Relevant certifications such as Splunk Certified Architect, CISSP, or CEH.
• SOAR Integration: Familiarity with integrating Splunk with SOAR platforms (e.g., Phantom, Palo Alto XSOAR).
• Cloud Environments: Experience with deploying and managing Splunk in cloud environments (e.g., AWS, Azure).
• Machine Learning: Understanding of machine learning techniques and their application in security analytics.
• Scripting Skills: Proficiency in scripting languages (e.g., Python, PowerShell, Shell) for automation tasks.

Qualifications

• Education: Bachelor’s degree in Computer Science, Information Technology, or a related field. Advanced degrees are a plus.
• Experience: Minimum 5-7 years of relevant experience in Splunk, with at least 2 years focused on security.

Why Deloitte 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.  

 We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong.   

We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team, and personal commitments.

 We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package. 

Next Steps

Sound like the sort of role for you? Apply now, we’d love to hear from you!

By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.