Senior Security Engineer – Splunk
4 hours ago
Job Description: Senior Security Engineer – Splunk & Cloud (8–10 Years)

Skills: Digital: Microsoft Azure | Digital: Splunk
Essential Skills: Splunk ITSI & UBA | Virtualization & Cloud (Azure, Google, AWS) | Microsoft Security Solutions (Sentinel, etc.)

Role Overview

The Senior Security Engineer will provide expert, hands‑on engineering leadership for Splunk platform design, data onboarding, automation, and SIEM modernization. This role requires deep subject‑matter expertise across Splunk Enterprise, Microsoft Sentinel, cloud-based security architectures, and advanced monitoring technologies.

The ideal candidate will have proven experience architecting and delivering large-scale security engineering solutions, collaborating with cross-functional teams, and ensuring that platforms meet enterprise standards for security, performance, and operational resilience—particularly in complex financial institution environments.

Key Responsibilities

Splunk & SIEM Engineering
• Lead hands-on engineering, configuration, build, and support of the Enterprise Splunk suite, including core Splunk, ITSI, UBA, and CRIBL.
• Deliver robust solutions for data onboarding, parsing, normalization, indexing, and alerting.
• Ensure dashboards, KPIs, and alerts are aligned with business and security requirements.
• Maintain and enhance CIM compliance across all data sources and use cases.

Security Architecture & Cloud
• Architect and engineer security solutions spanning Azure, Google Cloud, and AWS.
• Integrate cloud-native and hybrid security capabilities into SIEM workflows.
• Apply modern security practices to highly virtualized environments.

Microsoft Security Solutions
• Implement and support Microsoft Sentinel and related Microsoft security technologies.
• Align detection logic, response workflows, and event ingestion to enterprise standards.

Engineering Leadership & Collaboration
• Lead teams in delivering high‑quality engineering outcomes and drive solution roadmaps.
• Work with senior leadership to shape strategy, modernize platforms, and improve processes.
• Collaborate across security teams, business units, and enterprise engineering functions to deliver platforms that provide measurable business value.

Technical Integration & Data Analysis
• Onboard diverse data sources including APIs, databases, and Splunkbase apps.
• Ensure accurate handling of Windows, RHEL/Unix, network, and server log formats.
• Utilize Python for automation, data transformation, and engineering optimization.
• Identify and resolve gaps or inconsistencies in data flows and event ingestion pipelines.

Compliance, Documentation & Operational Excellence
• Prepare and maintain architecture diagrams, build documents, SOPs, and knowledge artifacts.
• Ensure engineering solutions align with financial institution security controls, processes, and audit standards.
• Support production environments, troubleshoot issues, and optimize SIEM performance.

Technical Requirements

Required Expertise
• Advanced experience with:
  • Splunk Enterprise Administration
  • CIM compliance
  • Splunk ITSI & UBA (highly preferred)
  • CRIBL (asset)
• Strong understanding of:
  • Azure Cloud and cloud security architecture
  • Microsoft Sentinel & other Microsoft security platforms
  • Windows and Linux/RHEL log formats
  • Network and server logs
• Proficient Python scripting for automation.
• Experience integrating high-volume data sources across APIs, DBs, and Splunkbase add‑ons.
• Prior experience within a banking or financial services technical environment is preferred.

Good to Have
• Advanced dashboard engineering and alert optimization skills.
• Experience with virtualization and cloud monitoring toolsets.
• Strong understanding of ITS and advanced observability frameworks.

Experience Required
8–10 years of experience in Security Engineering with strong specialization in Splunk, SIEM, and cloud security platforms.

Requirements

Essential Skills:
• Work with project teams throughout the organization to design, implement, and manage CDN infrastructure using Akamai, to ensure high availability, performance, and scalability for customer facing applications and business processes.
• Handle multiple priorities and assignments with excellence and precision.
• Be a part of a 24/7/365 organization (some after hours support is expected as part of normal on-call rotation).
• Directly support line of business development teams, provide guidance to them on implementation and changes for customer facing applications
• Develop and maintain security protocols and measures to protect CDN infrastructure from cyber threats.
• Monitor and analyze network performance, identifying and resolving issues to optimize content delivery of critical applications.
• Collaborate with cross-functional teams to integrate Akamai CDN solutions with existing systems and applications.
• Collaborate with information security teams to implement DDoS protection strategies and other security measures in the CDN.
• Provide technical support and guidance to clients and internal teams regarding CDN and security best practices.
• Work closely with vendor and professional service teams on delivery related activities and strategy.

Qualifications:
• Bachelor’s degree in Computer Science, Information Technology, or a related field. OR similar work experience.
• Strong understanding of network protocols (HTTP/HTTPS, DNS, TCP/IP).
• Proven experience as a CDN Engineer or similar role, with a strong focus on cybersecurity.
• In-depth knowledge of Content Delivery Network technologies, including caching, load balancing, and content optimization.
• Excellent problem-solving skills and attention to detail.
• Strong communication and teamwork abilities.
• Experience supporting 24/7/365 customer facing applications at enterprise scale.
• Awareness and experience with cybersecurity tools and practices, such as firewalls, intrusion detection/prevention systems, and encryption.
• Proficiency in scripting and automation (e.g., Python, Bash) a plus.
• Relevant certifications (e.g., CISSP, CEH) are a plus but not required.
-
Senior SIEM Engineer: Splunk
8 hours ago
Toronto, Canada TD Full time
A leading financial institution in Toronto is seeking a Senior Engineer for its Security Engineering team. This role involves effectively onboarding data and architecting security solutions using tools like Splunk and Azure. The ideal candidate will have over 10 years of experience, strong analytical and communication skills, and expertise in security...
-
Senior Lead Security Engineer
4 hours ago
Toronto, Canada Astra North Infoteck Inc. Full time
Job Description
Senior Lead Security Engineer (Splunk & Cloud SIEM)
Key Skills Spotlight
This role is a high-level engineering position that sits at the intersection of Big Data (Splunk) and Cloud Infrastructure, requiring a candidate who can build the "eyes" of a security operations center.
Splunk Mastery: Deep engineering expertise in Splunk Enterprise,...
-
Senior Splunk Cloud Security Architect
2 minutes ago
Toronto, Canada Rubicon Path Full time
A leading technology firm in Toronto is seeking a Senior Technology Architect to oversee security implementations and cloud platforms. The ideal candidate will have extensive experience with Splunk Cloud and SIEM technology, particularly Azure Sentinel. Responsibilities include engineering support for security platforms and agile project delivery. A valuable...
-
Splunk Engineer
44 minutes ago
Toronto, Ontario, Canada Tekgence Inc Full time
Role: Splunk Engineer
Location: Toronto, ON
Contract
Hybrid - 2 Days on-site (9am-5pm)
Skills: Splunk Admin, Splunk developer, Security +, CISSP, CISM or CISA
• Advanced knowledge of Enterprise Splunk applications and robust working experience in Enterprise Splunk administration.
• Must have advanced experience with CIM compliance
• Experience with Azure Cloud...
-
Senior Security Engineer
11 minutes ago
Greater Toronto Area, Canada Ardent SoftSol Inc. Full time
Job Description: Senior Security Engineer – Splunk & Cloud (8–10 Years)
Skills: Microsoft Azure | Splunk | Security Engineering
Keywords: Splunk Engineering, Azure Security, SIEM Engineering
Role Overview
The Senior Security Engineer will serve as a subject matter expert in Splunk platform engineering, SIEM technologies, cloud security solutions, and...
-
Technology Architect
4 minutes ago
Toronto, Canada Foilcon Full time
Skills Required: SIEM knowledge with Azure Sentinel and/or Splunk Cloud Experience with SIEM dashboard creation and MITRE Framework Splunk Cloud, Azure Sentinel, Splunk Administration Security Information and Event Management (SIEM) Architectural Design Network Security Protocols Incident Response Planning Cloud Solutions (AWS/Azure) Project Management Data...
-
Area Vice President
7 days ago
Toronto, Canada Splunk Full time
Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end full stack platform made for a hybrid, multi-cloud world. Leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable. Our customers love our technology, but it's our caring employees that make Splunk...
-
Splunk Security Engineer – Cloud
4 hours ago
Toronto, Canada Astra North Infoteck Inc. Full time
Job Description
Work Mode: 2 days onsite
Required Skills:
· Splunk Admin
· Splunk developer
· Security +, CISSP, CISM or CISA
· Advanced knowledge of Enterprise Splunk applications and robust working experience in Enterprise Splunk administration.
· Must have advanced experience...
-
Senior SIEM Engineer – Splunk, GCP
3 days ago
Toronto, Canada TD Securities Full time
A financial services provider based in Toronto is seeking a Subject Matter Expert in Security Logging and Monitoring. This role requires extensive experience with SIEM tools like Splunk and Microsoft Sentinel, along with 8+ years in security engineering. The successful candidate will provide senior technical guidance, oversee vital implementations, and...
-
Security Engineer
3 minutes ago
Toronto, Ontario, Canada Apptoza Inc. Full time
Role: Security Engineer with Splunk Platform
Location: Toronto, ON (Hybrid)
Duration: Long Term
Role Descriptions:
The Enterprise SIEM data engineering team is responsible for adhering to the Security Logging and Monitoring standard for the bank| also Governance| compliances| Access control| Automation| and data onboarding of different technologies.
This role...