×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Security Engineer - SIEM; Splunk Platform & Operations

Job in San Jose, Santa Clara County, California, 95199, USA
Listing for: Samsung SDS Co.
Full Time position
Listed on 2026-06-05
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Position: Security Engineer - SIEM (Splunk) Platform & Operations

Samsung SDS America (SDSA) serves as the U.S. technology and innovation hub for Samsung’s global enterprise solutions, delivering secure, scalable, and high‑performance IT services that support some of the world’s most complex business environments. As SDSA continues to expand its cloud, mobility, analytics, and cybersecurity capabilities, maintaining a resilient security operations foundation is essential to protecting the company’s digital assets and ensuring uninterrupted service delivery.

Position

Summary

As Security Engineer, you’ll join the Cybersecurity Operations team, where you’ll serve as the frontline detective monitoring and correlating real‑time threat data from firewalls, cloud assets, EDR, and AI‑driven platforms like Darktrace. You’ll design, tune, and optimize Splunk Enterprise Security dashboards, detection rules, and correlation searches to cut false positives while delivering rapid, high‑fidelity alerts. Leveraging your experience SOC environments, you’ll lead deep incident investigations, spearhead proactive threat‑hunting missions, and drive remediation priorities based on risk and business impact.

Collaboration is key: you’ll partner with global engineers, cloud specialists, and incident‑response teams to continuously improve our security posture and document best‑practice playbooks.

Responsibilities
  • Monitor and analyze security event logs from multiple sources, including firewalls, intrusion detection/prevention systems, endpoint protection platforms, servers, cloud environments, and tools like Darktrace, to identify potential threats.
  • Monitor, triage, and investigate alerts and logs within the Splunk SIEM and Splunk Enterprise Security (ES) platform.
  • Assist in improving SIEM processes, detection coverage, alert fidelity, and operational workflows including creating dashboards
  • Support the onboarding and integration of logs from enterprise systems into the Splunk environment.
  • Validate log source completeness, data normalization, rule logic, and alert relevance across critical systems and infrastructure
  • Perform initial analysis of security events, elevate incidents when appropriate, and assist with root cause identification.
  • Conduct in‑depth investigations of security incidents and recommend remediation and containment actions.
  • Conduct proactive threat hunting using SIEM, EDR, CASB, and network detection tools, such as Darktrace, to identify suspicious activity that may have bypassed traditional controls.
  • Tune and optimize correlation searches, detection rules, dashboards, and use cases to improve operational efficiency and reduce false positives.
  • Prioritize remediation efforts based on risk, severity, and business impact.
  • Participate in incident response activities and support threat hunting initiatives as needed.
  • Collaborate with cross‑functional teams to respond effectively to cybersecurity incidents and strengthen overall security posture.
  • Create and maintain documentation for log flows, detection use cases, triage procedures, playbooks, cybersecurity processes, and operational standards.
Qualifications
  • Bachelor’s degree in Computer Science, Information Security, Information Assurance, or a related field;
    Master’s degree preferred.
  • 3+ years of experience in a cybersecurity operations or related security role.
  • 2+ years of hands‑on experience administering Splunk Enterprise Security (ES).
  • Strong hands‑on experience with Splunk log ingestion, data normalization, search heads, indexers, SPL query development, and dashboard optimization.
  • Knowledge of detection engineering, correlation rule development, and incident response workflows.
  • Proven experience in threat analysis & incident response.
  • Strong understanding of security log sources, including Windows and Linux servers, firewalls, endpoint tools, cloud infrastructure, and network detection platforms, such as Darktrace.
  • Experience triaging and analyzing security alerts in complex, multi‑platform enterprise environments.
  • Familiarity with cloud platforms such as AWS, Azure, or similar environments.
  • Strong analytical, communication, and collaboration skills, with the ability to clearly present findings and recommendations.
  • Ability to work…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search