BlueVoyant is hiring a
Splunk Security Engineer, Remote - Worldwide

Summary

The Splunk Security Engineer is a remote role within Europe that requires substantial experience in SIEM platforms and standard marketplace security tools to help identify and reduce environmental threats. The role involves complex Splunk and/or Cribl deployments, creating new use cases, and supporting customers in strategically developing their overall data collection and security tooling.

Requirements

• At least 6+ years of technical experience in the cybersecurity field
• Splunk Architect certification
• Deep expertise with Splunk or Sentinel SIEM platform
• Deep expertise in at least one leading cloud provider (Azure, AWS, or GCP)
• Proven experience with Cloud technologies and security solutions
• Development and design experience in automation services
• Hands-on experience in script development
• Advanced knowledge and expertise in using SIEM technologies for event investigation
• Knowledge of SIEM query development for security use cases
• Demonstrated experience in data visualization creation for decision-making
• Customer-facing – excellent communication skills
• Deployment experience in large/complex environments
• Experience with multiple query languages such as KQL, SPL, and SQL

Responsibilities

• Work on complex SIEM project implementations for various customers in different parts of the world (remotely)
• Coordinate evidence/data gathering and documentation from various tools and collection methods
• Create and develop new SIEM use cases as per the customer requirements
• Define and assist in creating operational and executive security reports and dashboards
• Participate in R&D activities across different parts of the organization
• Work on internal integration activities as needed
• Maintain familiarity with cybersecurity market trends and capabilities
• Be the customer’s key technical contact
• Supporting the BlueVoyant Sales team as a pre-sales engineer for enterprise opportunities
• Interact with the BlueVoyant Day-2 team and responsible for transitioning customer-managed infrastructure into the BlueVoyant SOC environment
• Deliver to customers security workshops
• Conduct task-driven requests from customers based on a defined ITSM
• Additional Professional Services activities with Splunk and Cribl

Preferred Qualifications

• Advanced experience configuring endpoint detection technology such as Defender, Crowdstrike, or SentinelOne is a plus
• Any security certifications, such as CISSP, CISM, CEH, and SABSA, are a plus
• Proficient in Dutch, French, German, or Spanish is a plus