Security Engineer, Splunk

Job not listed on LinkedIn

🕒 7 days ago

🇺🇸 United States – Remote

💵 $78,000 - $135,000 / year

⏰ Full-time

🟡 Mid-level

🟠 Senior

👮‍♂️ IT Security Engineer

🦅 H1B visa sponsor


🗣️🇺🇸🇬🇧 English required


Coalfire

1001 - 5000 employees

Founded 2001

🔒 Cybersecurity

📋 Compliance

🏢 Enterprise

Coalfire is a cybersecurity services provider that helps organizations improve their security resilience and make regulatory compliance more efficient. The company offers expert-led services, including threat-driven cybersecurity programs, compliance automation, risk management, and security consulting across industries such as financial services, healthcare, retail, and technology. Coalfire is known for its expertise on both the attacker and the defender side, and its platforms are designed to strengthen clients' cyber resilience, reduce attack surface, and accelerate the achievement of compliance goals such as FedRAMP and HITRUST.

Description

• Maintain and support SIEM platforms (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in AWS, Azure, and GCP environments to support FedRAMP continuous monitoring and other compliance requirements
• Manage and maintain log collection infrastructure, including forwarders, collectors, and ingestion pipelines, across hybrid environments
• Support SIEM performance tuning, storage management, retention settings, and licensing optimization under established operational guidelines
• Implement and maintain log retention and audit configurations aligned with FedRAMP and other compliance framework requirements
• Develop, tune, and maintain detection rules, correlation searches, and alerting logic to identify security events
• Create and maintain custom parsers and field extractions for complex or proprietary log sources
• Reduce false positives through ongoing rule tuning, baseline analysis, and detection improvement efforts
• Participate in peer reviews of detection rules and SIEM configuration changes
• Monitor SIEM alerts and investigate security events to support incident response and threat hunting activities
• Contribute to the development and maintenance of detection and response playbooks and operational procedures
• Support troubleshooting of SIEM ingestion, parsing, and performance issues
• Work with infrastructure and application teams to onboard new log sources and improve security visibility
• Collect and organize SIEM control evidence and artifacts for audits and 3PAO assessment activities
• Ensure SIEM configurations support required controls such as audit review, log integrity, and time synchronization
• Create and maintain SIEM architecture, detection, and operational documentation and runbooks
• Provide technical support during client reviews and operational meetings as assigned
• Share knowledge and provide guidance to junior team members
• Contribute to process improvement and automation initiatives within SIEM and detection workflows

🎯 Requirements

• 3+ years of hands-on systems engineering and architecture experience, including requirements definition, architecture development, use-case/story creation, and systems integration/testing.
• 3+ years of cloud experience in architecture, design, implementation, operations, and automation (AWS, Azure, or GCP).
• Proven expertise with SIEM platforms (e.g., Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) and enterprise antivirus (AV) solutions (e.g., Trend Micro, CrowdStrike, Microsoft Defender).
• Understanding of AWS, Azure, or GCP platform capabilities (ideally as a Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer).
• Experience working in Agile environments with technical teams of three or more individuals.
• Excellent communication, organizational, and problem-solving skills, with the ability to convey complex technical information clearly.
• Strong documentation skills for creating technical diagrams, written descriptions, and other supporting materials.
• Demonstrated ability to work both independently and as a member of a team, maintaining a professional attitude and demeanor.
• Critical thinking skills to balance robust security requirements against mission objectives.
• Proven track record of adapting quickly and efficiently in fast-paced, dynamic environments.
• Proven track record delivering end-to-end SIEM solutions in large-scale or high-compliance environments, from initial design through operational handover.
• Hands-on leadership or senior-level contribution in cloud security projects, collaborating across cross-functional teams (e.g., DevOps, architecture, compliance) to drive impactful security outcomes.
• Documented success integrating multiple security tools (SIEM, AV, intrusion detection systems, etc.) into a cohesive, enterprise-wide monitoring solution.
• History of working under strict regulatory or industry frameworks (e.g., FedRAMP, HIPAA, PCI), ensuring solutions meet required standards without sacrificing performance.
• Demonstrable client-facing experience in a consulting or services capacity, maintaining professionalism and clear communication in high-stakes or fast-paced engagements.
• Splunk Enterprise Certified Admin *or* Sumo Logic Administration *or* Microsoft Security Operations Analyst Associate
• AWS Solutions Architect Professional *or* AWS DevOps Engineer Professional *or* Azure Solutions Architect Expert *or* GCP Cloud Architect
• Bachelor's degree or equivalent work experience.
• US citizenship (required due to client contractual requirements)

🏖️ Benefits

• Paid parental leave
• Flexible time off
• Certification and training reimbursement
• Digital mental health and wellbeing support membership
• Comprehensive insurance options
