Security Operations Center Engineer
United States
IDEMIA
We make it safer and easier for people to pay, connect, be identified, access, travel and stay safe in the physical and digital worlds.
Overview
IDEMIA is the global leader in identity and security. Our mission is to create a safe and simple future where identity verification is indisputable, and only you can assert your identity. We are a distributed company leveraging the latest technologies to deliver world-class products in the private and public sectors of finance, telecom, identity, security, retail, sports entertainment, commercial, government, and IoT. We use a variety of technologies and approaches to deliver quality products and services to government agencies and technology companies. IDEMIA is made up of a group of 14,000 diverse people from different nationalities, speaking over 20 different languages. Together, our solutions impact the everyday lives of citizens and nations. In this ever-changing world, protecting your identity is paramount. Join the team that is ensuring one person, one identity.
Responsibilities
Position Summary: We are seeking a highly skilled and detail-oriented Information Security Engineer with expertise in security operations and Splunk engineering to join our cybersecurity team. This role is integral in supporting and enhancing our security operations through the development, implementation, and management of Splunk dashboards, alerts, and security monitoring solutions. The ideal candidate will have a strong background in security information and event management (SIEM), incident response, and data analysis.
Primary Responsibilities:
- Analyze security event data to identify potential threats and vulnerabilities.
- Triage, investigate, and respond to alerts and security incidents, coordinating with internal teams and external stakeholders.
- Develop and implement incident response plans, procedures, and playbooks.
- Perform as the Lead for Incident Response activities, coordinating with the company’s Managed Security Service Provider and additional Incident Response forensics resources, as appropriate.
- Contribute to detection efforts by assisting in the creation of, or requests for, new detections, as well as tuning existing detections.
- Design, implement, and manage Splunk dashboards, reports, and alerts for security monitoring and incident response.
- Optimize Splunk data ingestion strategies.
- Develop and maintain correlation rules, custom queries, and use cases to improve threat detection capabilities.
- Maintain a strong understanding of Splunk best practices and continuously improve query performance and reporting quality.
- Support compliance initiatives by generating reports and audits using Splunk.
- Provide technical guidance and support for Splunk integrations and configurations.
- Stay current with emerging security threats, vulnerabilities, and technology trends.
Must be a US Citizen, without dual Citizenship.
Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
- 3+ years of experience in security operations or cybersecurity roles.
- 2+ years of hands-on experience with Splunk, including engineering and administration.
- Strong understanding of SIEM technologies, log management, and security analytics.
- Hands-on experience conducting incident response investigations and related activities.
- Experience with scripting languages such as Python, PowerShell, or Bash is a plus.
- Familiarity with MITRE ATT&CK framework and threat intelligence concepts.
- Security certifications such as Splunk Certified Power User, Splunk Certified Admin, CISSP, CEH, or Security+ are a plus.
- Ability to work independently and collaboratively in a fast-paced environment.
- Excellent problem-solving, communication, and analytical skills.