Threat Detection Engineer - Splunk Developer

PLN 152K-279K (estimate) Mid-level Full Time Found 17d ago

Tasks

• Collaborate with stakeholders to gather requirements
• Conduct coverage gap assessments and contribute to threat coverage reporting
• Design, develop, and tune Splunk ES correlation searches
• Identify and improve detection workflows and detection engineering lifecycle
• Implement and optimize Splunk ES features
• Maintain documentation for detection logic and deployment
• Perform false-positive analysis and high-fidelity tuning
• Perform peer reviews of detection content
• Validate detections through testing and adversary simulation
• Work with log onboarding teams for telemetry quality assurance

Perks/Benefits

• Collaborative culture
• Hybrid work model
• Inclusive culture
• International environment
• Knowledge sharing
• Supportive colleagues

Skills/Tech-stack

Adversary simulation | AttackIQ | Behavior-based detection | CI/CD | Cloud Security | Correlation search development | Data Model | Data Onboarding | Detection engineering | Detection validation | Endpoint Security | JSON | MITRE ATT&CK | Network Security | Performance optimization | Purple Teaming | SIEM detection | SIEM detection engineering | Search development | Security telemetry | Splunk Attack Range | Splunk CIM | Splunk SPL | Threat hunting | Threat modeling | Version control