Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Maintain and support SIEM platforms in AWS, Azure, and GCP environments to meet continuous monitoring and compliance requirements.
  • Manage log collection infrastructure, including forwarders, collectors, and ingestion pipelines across hybrid environments.
  • Tune SIEM performance, storage, retention settings, and licensing under operational guidelines.
  • Develop, tune, and maintain detection rules, correlation searches, alerting logic, custom parsers, and field extractions.
  • Reduce false positives through rule tuning, baseline analysis, and ongoing detection improvements.
  • Monitor SIEM alerts, investigate security events, and support incident response and threat hunting activities.
  • Contribute to detection and response playbooks, operational procedures, architecture documentation, and runbooks.
  • Troubleshoot SIEM ingestion, parsing, and performance issues and help onboard new log sources.
  • Collect SIEM control evidence and artifacts for audits and 3PAO assessments and ensure configurations meet required controls.
  • Collaborate with infrastructure, application, and cross-functional teams, provide guidance to junior team members, and support process automation and improvement initiatives.

Requirements

  • 3+ years of hands-on systems engineering and architecture experience, including requirements definition, architecture development, use-case/story creation, and systems integration/testing.
  • 3+ years of cloud experience in architecture, design, implementation, operations, and automation with AWS, Azure, or GCP.
  • Proven expertise with SIEM platforms such as Splunk, Sentinel, ELK, LogRhythm, or Sumo Logic.
  • Experience with enterprise antivirus solutions such as Trend Micro, CrowdStrike, or Microsoft Defender.
  • Understanding of AWS, Azure, or GCP platform capabilities, ideally as a Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer.
  • Experience working in Agile environments with technical teams of three or more people.
  • Excellent communication, organizational, problem-solving, and documentation skills.
  • Ability to work both independently and collaboratively in fast-paced, dynamic environments.
  • Demonstrated experience delivering end-to-end SIEM solutions in large-scale or high-compliance environments and integrating multiple security tools into an enterprise monitoring solution.
  • Experience working under regulatory or industry frameworks such as FedRAMP, HIPAA, or PCI.
  • Splunk Enterprise Certified Admin, SumoLogic Administration, or Microsoft Security Operations Analyst Associate certification.
  • One of the following cloud certifications: AWS Solutions Architect Professional, AWS DevOps Engineer Professional, Azure Solutions Architect Expert, or GCP Cloud Architect.
  • Bachelor's degree or equivalent work experience.
  • US citizenship is required due to client contractual requirements.
  • Preferred: consulting or professional services experience supporting external clients.
  • Preferred: automation experience with GitLab or GitHub, Terraform, and Ansible.
  • Preferred: experience with serverless and microservices architectures.
  • Preferred: familiarity with CIS Benchmarks, DISA STIG, SSL, PKI, FedRAMP, FISMA, HIPAA, HITRUST, PCI, and similar frameworks.
  • Preferred: Splunk Enterprise Certified Architect or Splunk Certified Automation Developer.

Benefits

  • $78,000 to $135,000 annual salary range.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with the option to work from home or an office.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.
