About the Role
The Splunk Detection Engineer will build and refine security detection content within Splunk to proactively identify threats and strengthen the organization's security posture through improved monitoring and analytics.
Responsibilities
- Design and implement detection rules in Splunk to identify malicious activity
- Develop and maintain correlation searches for security monitoring
- Analyze security events to refine detection logic and reduce false positives
- Collaborate with security analysts to understand emerging threats
- Tune and optimize existing detection content for accuracy and performance
- Document detection methodologies and rule logic for team reference
- Respond to detection gaps identified during incident investigations
- Stay current with adversary tactics, techniques, and procedures
- Integrate threat intelligence into detection workflows
- Support automation of detection testing and validation processes
- Participate in peer reviews of detection content
- Maintain version control for detection rule development
- Assist in onboarding new detection engineers
- Contribute to detection use case frameworks
- Work with logging teams to ensure data availability for analytics
- Evaluate new data sources for detection opportunities
- Help prioritize detection initiatives based on risk
- Support red team exercises with detection feedback
- Monitor detection coverage across environments
- Ensure compliance with security monitoring standards
- Troubleshoot alerting issues in detection pipelines
- Provide input on SIEM architecture improvements
- Assist in reporting detection efficacy metrics
- Engage with IT and network teams for log integration
- Maintain consistency in detection naming and categorization
Nice to Have
- Certification in cybersecurity or Splunk technologies
- Hands-on experience with MITRE CALDERA or similar tools
- Prior work in a SOC or threat hunting role
- Experience with automated detection testing
- Knowledge of deception technologies
- Familiarity with YARA rules or Sigma format
- Experience mentoring junior analysts
- Public contributions to detection communities
- Speaking or presentation experience at security events
Compensation
Competitive salary and benefits package offered
Work Arrangement
Remote with occasional team coordination during business hours
Team
Collaborative security team focused on proactive threat detection and response
Security Clearance
- Must be eligible to work in the United States without sponsorship
- No security clearance required for this role
Work Expectations
- Expected to respond to critical detection incidents as needed
- Regular collaboration with team members during core hours
- Proactive identification of detection gaps
- Commitment to maintaining high detection accuracy
Not available for this position
