Please let True Zero Technologies know you found this job on RemoteYeah.
This helps us grow 🌱.
Description:
True Zero Technologies is seeking a highly skilled and Certified Splunk User Behavior Analytics (UBA) Engineer to join their dynamic cybersecurity team.
The ideal candidate will have hands-on experience in deploying, configuring, and managing Splunk UBA solutions within large enterprise environments.
Expertise in behavioral analytics for security operations, along with a strong understanding of advanced threat detection and insider threat programs, is critical.
The role involves designing, deploying, and maintaining Splunk UBA solutions to support enterprise-wide security initiatives.
Responsibilities include developing and tuning behavior models for detecting insider threats, integrating Splunk UBA with other security tools, and performing regular model tuning and system optimization.
The candidate will collaborate with the Security Operations Center (SOC) and Incident Response (IR) teams to build efficient threat detection workflows.
The position requires integrating z/OS log data into Splunk for centralized security monitoring and staying updated on the latest developments in behavioral analytics.
The candidate will provide advanced troubleshooting and support for Splunk UBA and assist with complex incident resolution.
Requirements:
A Splunk UBA Certification and/or Splunk Enterprise Security Certification is required.
The candidate must have 3+ years of hands-on experience with Splunk UBA in large-scale environments.
A strong understanding of behavioral analytics and insider threat detection methodologies is necessary.
Experience in integrating and customizing Splunk UBA use cases and threat models is required.
Proficiency in Splunk Core, Splunk Enterprise Security (ES), SPL (Search Processing Language), and data onboarding best practices is essential.
Familiarity with enterprise logging practices and SIEM integrations is needed.
Experience with security frameworks such as MITRE ATT&CK, NIST CSF, and ISO 27001 is required.
Scripting experience with Python, Bash, or PowerShell for automation tasks is necessary.
Strong communication and documentation skills are essential.
Benefits:
The position offers a competitive salary, paid twice per month.
Employees receive best-in-class medical coverage, with 100% of medical premiums covered by True Zero.
There are company-wide new business incentive programs and contribution incentives for white papers, blog posts, and internal webinars.
Employees start with 3 weeks of PTO plus 11 paid holidays annually.
A 401k program is available with a 100% company match on the first 4%.
Monthly reimbursement for cell phone and home internet costs is provided.
Paternity and maternity leave are offered.
True Zero invests in training and certifications to help employees broaden and deepen their technical skills.