Remote Security Engineer (Splunk)

Description:

• Maintain and support SIEM solutions (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in cloud environments (AWS, Azure, GCP) for FedRAMP compliance.
• Manage log collection infrastructure and support SIEM performance tuning, storage management, and licensing optimization.
• Develop detection rules, correlation searches, and alerting logic to identify security events.
• Monitor SIEM alerts, investigate security events, and support incident response activities.
• Create and maintain documentation, runbooks, and operational procedures.

Requirements:

• 3+ years of systems engineering and architecture experience.
• 3+ years of cloud experience (AWS, Azure, GCP).
• Proven expertise with SIEM platforms and enterprise antivirus solutions.
• Strong communication, organizational, and problem-solving skills.
• Experience in Agile environments and ability to work independently or in a team.
• Splunk Enterprise Certified Admin or equivalent certification required.
• US citizenship required due to client contractual obligations.

Benefits:

• Flexible work model allowing remote or office work.
• Competitive perks including paid parental leave, flexible time off, and training reimbursement.
• Comprehensive insurance options and digital mental health support.
• Opportunities for professional growth and participation in employee resource groups.