Remote Security Content Engineer – Splunk

Please, let BlueVoyant know you found this job on RemoteYeah. This helps us grow 🌱.

Description:

  • BlueVoyant is seeking a Security Operations Center Security Content Engineer to assist global customers with their Splunk cloud security solutions.
  • The role involves generating detection logic, automation, and visualizations to help clients derive security insights.
  • Responsibilities include creating client-facing detections, collaborating with clients on visualizations, testing and tuning detection logic, and identifying opportunities for client-specific needs.
  • The engineer will deliver functional value through research, serve as a Technical SOC SME, conduct in-depth research on exploits and vulnerabilities, and assist in advancing security policies and procedures.
  • The position requires regular communication with customer IT teams to address issues and ensure business continuity.
  • The role also involves mentoring junior detection engineers and supporting incident response reporting.

Requirements:

  • Candidates must possess excellent teamwork skills and previous experience in signature writing or algorithm creation.
  • A strong ability to analyze event logs for signs of cyber intrusions or attacks is essential.
  • Hands-on experience with Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites is required.
  • Candidates should have experience in developing, automating, and orchestrating tasks with logic apps, configuring Sentinel incidents, and advising customers on Microsoft Cloud Security capabilities.
  • Proficiency in Kusto Query Language (KQL) and strong scripting skills in languages such as Python and PowerShell are necessary.
  • A solid background in digital forensic analysis and blue team operations is required, along with knowledge of network protocols and devices.
  • Advanced written and verbal communication skills are essential for presenting complex technical topics clearly.
  • Familiarity with tools like Wireshark, tcpdump, Security Onion, and Splunk is expected.
  • Knowledge of various security concepts, including SIEM, malware detection, and data loss prevention, is required.

Benefits:

  • BlueVoyant offers a fully remote work environment for this position.
  • The company provides equal employment opportunities and complies with applicable laws governing non-discrimination.
  • Employees are required to be authorized to work in the United States, and U.S. citizenship is necessary for certain federal contracts.
  • The company emphasizes a culture of teamwork and collaboration, supported by a highly skilled team with extensive experience in cybersecurity.