Senior Security Engineer – Splunk & Cloud

Job Description:

Senior Security Engineer – Splunk & Cloud (8–10 Years)

Skills:

Digital:
Microsoft Azure | Digital:
Splunk

Essential

Skills:

Splunk ITSI & UBA | Virtualization & Cloud (Azure, Google, AWS) | Microsoft Security Solutions (Sentinel, etc.)

Role Overview

The Senior Security Engineer will provide expert, hands‑on engineering leadership for Splunk platform design, data onboarding, automation, and SIEM modernization. This role requires deep subject‑matter expertise across Splunk Enterprise, Microsoft Sentinel, cloud-based security architectures, and advanced monitoring technologies.

The ideal candidate will have proven experience architecting and delivering large-scale security engineering solutions, collaborating with cross-functional teams, and ensuring that platforms meet enterprise standards for security, performance, and operational resilience—particularly in complex financial institution environments.

Key Responsibilities

Splunk & SIEM Engineering

Lead hands-on engineering, configuration, build, and support of the Enterprise Splunk suite, including core Splunk, ITSI, UBA, and CRIBL.

Deliver robust solutions for data onboarding, parsing, normalization, indexing, and alerting.

Ensure dashboards, KPIs, and alerts are aligned with business and security requirements.

Maintain and enhance CIM compliance across all data sources and use cases.

Security Architecture & Cloud

Architect and engineer security solutions spanning Azure, Google Cloud, and AWS.

Integrate cloud-native and hybrid security capabilities into SIEM workflows.

Apply modern security practices to highly virtualized environments.

Microsoft Security Solutions

Implement and support Microsoft Sentinel and related Microsoft security technologies.

Align detection logic, response workflows, and event ingestion to enterprise standards.

Engineering Leadership & Collaboration

Lead teams in delivering high‑quality engineering outcomes and drive solution roadmaps.

Work with senior leadership to shape strategy, modernize platforms, and improve processes.

Collaborate across security teams, business units, and enterprise engineering functions to deliver platforms that provide measurable business value.

Technical Integration & Data Analysis

Onboard diverse data sources including APIs, databases, and Splunkbase apps.

Ensure accurate handling of Windows, RHEL/Unix, network, and server log formats.

Utilize Python for automation, data transformation, and engineering optimization.

Identify and resolve gaps or inconsistencies in data flows and event ingestion pipelines.

Compliance, Documentation & Operational Excellence

Prepare and maintain architecture diagrams, build documents, SOPs, and knowledge artifacts.

Ensure engineering solutions align with financial institution security controls, processes, and audit standards.

Support production environments, troubleshoot issues, and optimize SIEM performance.

Technical Requirements

Required Expertise

Advanced experience with:

Splunk Enterprise Administration

CIM compliance

Splunk ITSI & UBA (highly preferred)

CRIBL (asset)

Strong understanding of:

Azure Cloud and cloud security architecture

Microsoft Sentinel & other Microsoft security platforms

Windows and Linux/RHEL log formats

Network and server logs

Proficient Python scripting for automation.

Experience integrating high-volume data sources across APIs, DBs, and Splunkbase add‑ons.

Prior experience within a banking or financial services technical environment is preferred.

Good to Have

Advanced dashboard engineering and alert optimization skills.

Experience with virtualization and cloud monitoring toolsets.

Strong understanding of ITS and advanced observability frameworks.

Experience Required

8–10 years of experience in Security Engineering with strong specialization in Splunk, SIEM, and cloud security platforms.