Talent.com
Sr Engineer Security (SIEM)

Sr Engineer Security (SIEM)

ConfidentialHyderabad / Secunderabad, Telangana, India
4 days ago
Job description

Job Description

RESPONSIBILITIES :

Splunk Infrastructure & Administration

  • Design, deploy, and maintain enterprise solutions and components for Splunk Cloud and on premises environments including Search Heads, Indexers, Forwarders and Deployment Servers
  • Manage Splunk high availability configurations
  • Deploy, configure, and maintain Splunk Connect for Syslog (SC4S)
  • Perform capacity planning, performance tuning, and resource optimization
  • Implement and maintain data retention policies and index management strategies
  • Oversee Splunk upgrades, patches, and maintenance activities

Data Integration & Management

  • Configure and manage universal forwarders, heavy forwarders, and data inputs from diverse sources
  • Develop and maintain data parsing, field extractions, and data models
  • Create and optimize indexes, source types, and data routing configurations
  • Implement data quality controls and validation processes
  • Design efficient search strategies and query optimization

    • Development & Automation

  • Develop custom Splunk applications, dashboards, and visualizations
  • Create and maintain complex SPL (Search Processing Language) queries and reports
  • Build automated monitoring solutions and alerting mechanisms
  • Develop Python scripts and REST API integrations for Splunk automation
  • Implement Infrastructure as Code (IaC) practices for Splunk deployments

    • Security & Compliance

  • Design and implement security information and event management (SIEM) solutions
  • Develop security monitoring use cases and threat detection scenarios
  • Create compliance reporting and audit trail mechanisms
  • Implement role-based access controls and data classification policies
  • Support incident response and forensic investigations

    • Collaboration & Leadership

  • Mentor team members and provide technical guidance
  • Collaborate with cross-functional teams
  • Lead technical architecture reviews and design sessions
  • Participate in on-call rotation and provide escalation support
  • Document processes, procedures, and best practices

    • EDUCATIONAL REQUIREMENTS :

  • Bachelor's degree in computer science, Information Systems, or equivalent combination of education and experience
  • Relevant Security Certifications

    • Experience Required

  • A minimum of 10 years of experience.

    • QUALIFICATIONS, KNOWLEDGE, SKILLS & ABILITIES :

  • 7+ years of hands-on Splunk experience including administration and development
  • Splunk certifications required : Splunk Core Certified Admin, Splunk Core Certified Power User, Splunk Cloud Certified Admin
  • Preferred certifications : Splunk Enterprise Security Certified Admin, Splunk IT Service Intelligence
  • Proficiency in SPL (Search Processing Language) and advanced search techniques
  • Experience with Splunk Enterprise Security (ES), IT Service Intelligence (ITSI), or other Splunk premium applications
  • Strong knowledge of Linux / Unix systems administration
  • Scripting experience in Python, Shell, PowerShell, or similar languages
  • Understanding of networking protocols, log formats, and data sources (syslog, JSON, XML, etc.)

    • Infrastructure & Tools

  • Experience with virtualization platforms (VMware, Hyper-V) and cloud environments (AWS, Azure, GCP)
  • Knowledge of configuration management tools (Terraform, Ansible, Puppet, Chef)
  • Familiarity with containerization technologies (Docker, Kubernetes)
  • Experience with load balancers, firewalls, and network security devices
  • Understanding of database systems and SQL

    • Security & Compliance

  • Knowledge of security frameworks (NIST, ISO 27001, PCI-DSS, SOX)
  • Experience with threat hunting and incident response procedures
  • Understanding of common attack vectors and security monitoring best practices
  • Familiarity with compliance reporting requirements

    • Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Technology, or related field
  • Experience with additional SIEM platforms
  • Knowledge of machine learning and statistical analysis techniques
  • Experience with DevOps practices and CI / CD pipelines
  • Industry certifications such as CISSP, GCIH, or equivalent

    • Technical Environment

  • Multi-terabyte daily data ingestion
  • High-availability clustered deployments
  • Integration with enterprise security tools and business applications
  • Hybrid cloud and on-premises infrastructure

    • General Skills Include

  • Strong critical thinking and analytical skills
  • Ability to approach problem solving in a constructive and collaborative way that does not require absolute security.
  • The ability to communicate complicated technical issues and risks to programmers, network engineers and managers.
  • Strong leadership, project, and team-building skills

    • Exceptional communication skills with diverse audiences; the ability to be an infrastructure security subject matter expert who can explain relevant topics to general audiences

    Skills Required

    VMware, Unix, Chef, Sql, Rest Api, Iso 27001, Gcp, Docker, Linux, Terraform, Ansible, nist, Splunk, Sox, Puppet, Azure, Python, Kubernetes, Aws

    Create a job alert for this search

    Engineer Siem • Hyderabad / Secunderabad, Telangana, India