Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Security Content Engineer – Splunk

unlimited holidays - extra parental leave - fully flexible
Remote: 
Full Remote
Contract: 
Full time
Work from: 
United States

Offer summary

Qualifications:

Bachelor's degree in Information Security, Computer Science, or related IT field., 7+ years of experience in information technology or information security, with 4 years in SIEM solutions and detection content creation., Strong experience with Microsoft security solutions and scripting languages like Python and PowerShell., Excellent teamwork and communication skills, with the ability to present complex technical topics clearly..

Key responsabilities:

  • Create client-facing detections to address security and IT operations concerns.
  • Collaborate with clients to design visualizations for security posture and operations metrics.
  • Assist clients in testing and tuning detection logic to reduce false positives.
  • Serve as a technical escalation point and mentor for junior detection engineers.

bluevoyant logo
bluevoyant Cybersecurity Large https://www.bluevoyant.com/
501 - 1000 Employees
See all jobs

Job description

Security Content Engineer – Splunk
Location: Remote in the United States
US Citizenship Required

Summary

BlueVoyant is looking for a Security Operations Center Security Content Engineer to help our global customers manage their Splunk cloud security solutions. You will be part of a fast-paced team that helps customers to efficiently and effectively derive security insights through generating detection logic, automation and visualizations. This position is fully remote.

Key Responsibilities
  • Ideate and create client-facing detections to surface security and IT operations concerns
  • Collaborate with clients to design and implement visualizations to assist clients with understanding security posture, interesting events, and operations metrics
  • Assist clients with testing and tuning detection logic to minimize false positives, alert duplication, and whitelisting 
  • Identify opportunities for client-specific needs to become base content for all MSS, including rules, automations, and dashboards 
  • Assist integration teams in identifying opportunities for log content reduction and removal irrelevant events
  • Deliver functional value resulting from research in the form of queries, signatures, rules, and contextual information (knowledge base articles)
  • Serve as a Technical SOC SME in support to customers (customer facing) and support to sales and marketing
  • Supplemental in-depth research of exploits and vulnerabilities which have a high likelihood of occurring within BlueVoyant customer environments
  • Assist in the advancement of security policies, procedures, and automation
  • Serve as the technical escalation point and mentor for junior detection engineers and Sentinel support staff
  • Regularly communicate with customer IT teams to inform them of issues, help them remediate, and ensure that they continue to operate business as usual
  • Assist with advancing security standard operating procedures and incident response reporting.
Qualifications
  • Excellent teamwork skills
  • Previous signature writing / algorithm creation experience
  • Ability to analyze event logs and recognize signs of cyber intrusions/attacks
  • Hands-on experience with Microsoft Azure Sentinel, Defender ATP, O365 ATP, and other Microsoft security suites.
  • Hands-on experience with Microsoft Azure Sentinel, Microsoft Threat Protection suite of security solutions (Defender ATP, Azure ATP, Office 365 ATP, Microsoft Cloud Application Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, and M365 suite of solutions.
  • Hands-on experience for the following:
    • Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain events
    • Configure Sentinel Incidents, Workbooks, Hunt queries, Notebooks
    • Ability to advise customers on the Microsoft Cloud Security capabilities across the Azure platform.
    • Kusto Query Language (KQL).
  • Strong experience with scripting languages (Python, PowerShell, others)
  • Strong experience with digital forensic analysis (host, network, other) and blue team operations
  • Strong knowledge and understanding of network protocols and devices.
  • Ability to work directly with customers to understand requirements for and feedback on security services
  • Advanced written and verbal communication skills and the ability to present complex technical topics in clear and easy-to-understand language
  • Strong teamwork and interpersonal skills, including the ability to work effectively with a globally distributed team
  • Skilled in the creation of signatures for security tools
  • Familiarity with tools such as Wireshark, TCP Dump, Security Onion, and Splunk
  • Strong knowledge of the following:
    • SIEM
    • Packet Analysis
    • SSL Decryption
    • Malware Detection
    • HIDS/NIDS
    • Network Monitoring Tools
    • Case Management System
    • Knowledge Base
    • Web Security Gateway
    • Email Security
    • Data Loss Prevention
    • Anti-Virus
    • Network Access Control
    • Encryption
    • Vulnerability Identification
Preferred Qualifications
  • Experience in intrusion analysis, digital forensics, penetration testing, detection engineering or related areas
  • 7+ years of experience in information technology or information security, 4 of which were spent dealing directly with SIEM solutions and detection content creation
  • Microsoft 365 Certified: Security Administrator Associate and GCFA, GCFE, or OSCP preferred
  • Familiarity with Azure, .Net programming, jupyter notebooks, and scripting / development using web APIs 
Education
  • Minimum bachelor’s degree in Information Security, Computer Science, or other IT-related field or equivalent experience
About BlueVoyant

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

Required profile

Experience

Industry :
Cybersecurity
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Social Skills
  • Teamwork
  • Communication
  • Problem Solving
Are you interested?

Security Engineer Related jobs

See more Security Engineer jobs