Senior SIEM Engineer - Splunk

Bioggio , Ticino, Switzerland

Type: n/a

Category: Engineering & Manufacturing

Requirements: English
Company: TN Switzerland
Region: Bioggio , Ticino

We are seeking a highly skilled and experienced Splunk Architect with a strong background in Security. The successful candidate will be responsible for designing, implementing, and managing our Splunk infrastructure in a hybrid cloud large-scale environment. This position is mainly for Bioggio, Ticino office.

Your key tasks

1. Design, implement, and manage the Splunk infrastructure
2. Deploy and manage Splunk indexer clusters and search head clusters
3. Optimize existing clustered Splunk deployments
4. Monitor operations of the Splunk platform to enable proactive issue identification, response, and resolution
5. Integrate Splunk with various legacy data sources, security tools, and cloud services
   • Build Splunk Technology Add-ons
   • Create custom scripts in Python, Bash, PowerShell, VBscripts
   • Develop Splunk apps for Universal Forwarders
   • Interact with REST API endpoints
   • Work with RDBMS in SQL
6. Onboard data sources, create indexes, data models, CIM mappings, and establish health KPIs
7. Manage knowledge objects (Apps, Dashboards, Saved Searches, Alerts)
8. Manage Role Based Access Control
9. Design and implement correlation searches in Splunk Enterprise Security
10. Maintain and extend integration between Asset & Identity and Splunk Security framework
11. Onboard Threat Intelligence feeds and analyze data correlations
12. Support Security Analysts in leveraging Splunk effectively
13. Drive operational model transformation for SecOps
14. Identify gaps and develop solutions for continuous improvement

Qualifications

• Splunk Architect or Consultant certification or proven professional experience
• At least 5 years of experience as a Splunk Architect or higher
• Experience in designing Security Operation Centers with Splunk
• Deep understanding of Splunk architecture components
• Proficiency in SPL and regular expressions
• Knowledge of deployment and version control tools (Git, Terraform)
• Understanding of security components and cloud providers (preferably OCI)
• Knowledge of SOAR, Linux (RHEL), Windows, Kubernetes, and network protocols
• Strong troubleshooting and communication skills

Additional Information

We support work-life balance through hybrid and flexible work arrangements. We value diversity and promote an inclusive environment. Please note, applications should be submitted via the ''Apply now'' button. External CV submissions from agencies are not accepted. If not a passport holder of the country, a work permit may be required. For more info, visit our Blog.

#J-18808-Ljbffr

Click here to apply and get more details about this job! It will open in a new tab.