Posted 19 days ago
Location: Warsaw, Poland
Level: Senior
Responsibilities
- Build, tune, and maintain custom threat detection rules and alerts in Splunk Enterprise Security.
- Develop and support Splunk dashboards and applications for threat hunting and security operations monitoring.
- Integrate detections with SOAR platforms to support security automation and response workflows.
- Analyze, parse, normalize, and enrich security data for reliable detection and reporting.
- Design and implement automated data ingestion pipelines for new log sources.
- Collaborate with Infrastructure, Application, and Security teams to enhance logging coverage.
- Operate and optimize the Splunk Enterprise Security platform for stable performance.
- Ensure consistent agent deployment and monitoring across diverse endpoints and cloud workloads.
Requirements
- 5+ years of experience in technology roles, including 3+ years with Splunk Enterprise.
- Experience developing and tuning correlation searches, alerts, and dashboards in Splunk ES.
- Strong knowledge of log formats, parsing techniques, and data normalization concepts.
- Proficiency in scripting or data languages such as Python, Perl, PowerShell, or SQL.
- Solid understanding of cybersecurity principles and security operations workflows.
- Broad technical knowledge across networks, operating systems, applications, and SaaS platforms.
- Commitment to ethical standards and ability to handle sensitive security information.
Benefits
- Private medical and dental care, with vision allowance.
- Private life insurance.
- Private pension scheme.
- Sports card.
- Volunteer opportunities.
- Support for employee-led affinity groups.
- Business travel accident insurance.
- Employee assistance program.
- Educational assistance reimbursement.
