Incident Response & Splunk Engineer

Key Responsibilities:
- Threat Detection & Monitoring: Monitor security tools to identify suspicious activities and potential threats.
Analyze threat intelligence (CTI) to identify trends and patterns for developing custom detections and enhancements to existing telemetry tools.
- Incident Response: Analyze and respond to security incidents, coordinating efforts to mitigate impact and prevent recurrence. Perform digital forensic investigations to determine the scope and impact of security breaches.
- Splunk Platform Management: Lead the management of the Splunk platform, including maintaining its health and stability. Configure and implement Splunk applications and custom field extractions, lookups, and dashboards.
Ensure the platform supports SOC and Blue Team operations effectively.
- Collaboration & Reporting: Work closely with other departments to integrate security practices throughout the system lifecycle. Provide technical support to SOC and Blue Team members.

Job Requirements

Fluent in spoken and written English for communication with vendors and cross-functional teams.