Splunk Detection Engineer
Job in Pine Bluff, Jefferson County, Arkansas, 71601, USA
Listed on 2026-06-02
Listing for: DivIHN Integration Inc
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Network Security, Security Manager, Data Security
Job Description & How to Apply Below
Overview
Splunk Detection Engineer (Level IV or Strong Level III)
- 12+ months
- Fully Remote
Scope: The Splunk Detection Engineer will play an important role in ensuring that security logs are appropriately formatted, ingested, tagged, and used to detect possible security events.
Typical tasks may include:
- Integrating new data sources (databases, APIs, files, etc.), which may involve setting standards and working with IT administrators to update their configurations
- Validating and creating appropriate configurations for CIM-compliant logs
- Processing requests from cybersecurity analysts for new detections within Splunk Enterprise Security
- Analyzing existing logs to identify poorly formatted logs and potential coverage gaps when implementing new detections
- Adding and maintaining threat feeds within Splunk Enterprise Security
- Monitoring the performance of detections and tuning them
- Managing the asset and identity inventory within Splunk Enterprise Security
- Creating and maintaining Splunk apps
- Recommending additions or changes to Splunk or its data models to meet detection needs
- Developing searches, reports, and other functionality for cyber use cases, including active response, intrusion detection, and vulnerability management
- Ensuring proper formatting, ingestion, tagging, and utilization of security logs for event detection
- Collaborating with cybersecurity analysts and IT teams to implement detections and data models
- Developing and maintaining detections, searches, and dashboards in Splunk Enterprise Security
- Driving continuous improvement of processes, data quality, and tooling related to Splunk
- Providing guidance and knowledge transfer to team members on Splunk Enterprise Security usage
Minimum Qualifications:
- Significant experience with Splunk and Splunk Enterprise Security
- Significant experience with event logging solutions (e.g., Splunk Universal Forwarder, syslog, Cribl)
- Experience with ticketing/case management
- Experience with Git pipelines
- Familiarity with using Linux CLI
- Ability to craft queries in common query languages; comfort with regex, JSON, and APIs; basic scripting in Python, PowerShell, or Bash
- Excellent analytical, problem-solving, and communication skills with stakeholders, peers, and internal customers; able to operate under pressure in a shift or on-call environment
Preferred / Additional Qualifications:
- Strong grasp of TCP/IP, the OSI model, and common protocols (HTTP, DNS, SMTP); Windows/Linux/macOS fundamentals; Active Directory/Azure AD concepts; basic cloud logging
- Experience in system and network administration
- Relevant cybersecurity experience, including investigations and data analysis
- Experience with SOAR tools and automation development
- Experience using identity security/management tools (e.g., Entra, Active Directory, Shibboleth, CrowdStrike Identity Protection)
- Cloud security experience (e.g., CloudTrail/GuardDuty, Azure Defender/M365, GCP Security Command Center)