Senior Splunk Engineer

Bangalore, India


Principal Duties and Essential Responsibilities:

  • 10+ years of hands-on experience designing and developing Splunk applications.
  • Advanced Splunk analytics and the development of custom Splunk applications
  • Splunk data integrations with business-critical enterprise applications and systems.
  • Translating feedback from the business into Splunk technical requirements and solutions.
  • Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, and content using Python, Splunk SPL, Splunk SimpleXML (or JavaScript, CSS), and Bash.
  • Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
  • Leverage Modular design to onboard access/security logging applications and include in incident scoring.
  • Onboard access logging applications via modular design
  • Develop Splunk Risk scoring based on compliance conditions to determine suspicious access events.
  • Develop custom risk scoring to weed out white noise and only show actionable incidents to SOC Analysts.
  • Develop Dashboards for Security Analysts with detailed drill down capability for incident response.
  • Develop triage workflows for analysts to assign and track ongoing investigations.
  • Develop summary indexing enrichment of access events with IAM data, Application data, Break-the-Glass logs.
  • Aggregate access event data for specific criteria.
  • Enable fast searching across fully enriched access events over long periods of time.
  • Develop Break-the-Glass correlations in Splunk for contextual user access / app data mapping & monitoring.
  • Should be proficient in coordinating with the offshore development and support team, managing maintenance schedules outside of standard business hours, including weekends.
  • Excellent interpersonal and communication skills.

Qualifications:

Education: Bachelor’s degree in Computer Science, Engineering, or a related field.

Required Experience and Skills:

  • Extensive SOAR Experience: 5+ years of hands-on experience with SOAR platforms (e.g., Palo Alto, Splunk, Splunk SIEM).
  • Incident Response Knowledge: Strong background in incident response, particularly in high-stakes environments like financial or global payments.
  • Programming Proficiency: Proficiency in Python, JavaScript, or other languages commonly used in SOAR playbook development.
  • Security Tool Integrations: Experience with SIEM, EDR, threat intelligence, and other tools commonly integrated into SOAR.
  • Communication Skills: Ability to translate technical requirements into actionable automation solutions for stakeholders across Cyber Security.

In addition to active Splunk certification(s), must also have practical experience with the following:

  • Python development – Proficiency in Python programming language
  • Splunk SimpleXML or web development (JavaScript, CSS)
  • Splunk app & add-on development
  • Splunk data modeling
  • Strong experience in Splunk development, building dashboards, reports and lookup tables.
  • Programming experience (Python and Splunk SimpleXML OR JavaScript, CSS)
  • Working knowledge of Splunk including SPL, indexers, forwarders, search heads
  • Experience in OOAD, agile processes, design patterns
  • Expertise in large scale cyber security data analytics, identifying data-driven threat collection opportunities.
  • Prior information security analysis experience in a Cyber Security Operations Center (CSOC)

 

At Verint, we believe customer engagement is the core of every global brand. Our mission is to help organizations discover opportunities previously only scarcely imagined by connecting work, data, and experiences enterprise wide. We hire innovators with the passion, creativity, and drive to answer constantly shifting market challenges and deliver impactful results for our customers. Our commitment to attracting and retaining a talented, diverse, and engaged team creates a collaborative environment that openly celebrates all cultures and affords personal and professional growth opportunities. Learn more at www.verint.com.

Tags: Agile Analytics Automation Bash Compliance Computer Science CSOC Data Analytics EDR IAM Incident response JavaScript Monitoring Python Security analysis SIEM SOAR SOC Splunk Threat intelligence

Perks/benefits: Career development Team events

Region: Asia/Pacific
Country: India
