Cyber Security Engineer - Splunk

Cyber Security Engineer – Splunk 

Pivotal role: automate Incident Response / SOC processes ! Any Capital city

• Prestigious Australian company.
• Innovative technical team and great culture. Hybrid.

Our client is a global player in the supply chain and logistics space.

They are currently looking for Cyber Security Engineer professional to help automate Incident Response capabilities.

In order to succeed in this role, you must be passionate about Cyber Security, have strong Splunk ES  and SOAR experience  and overall incident response.

This is an opportunity to work with a very talented team, in a hybrid work environment. 

In this role, you will be responsible for automation and the development of cutting edge use cases using industry leading tools like Splunk and CrowdStrike.

This role will refine current processes and develop use cases for better threat detection, identify and implement improvement in response and resolution (MTTR/MTTA) of security incidents through orchestration and automation of response procedures.

Responsibilities will include:

Security Orchestration and Automated Response (SOAR):

• Perform scripting and automation of incident response and management.
• Innovate Automation design into new capabilities.
• Identify opportunities to improve and automate current processes and operations.
• Develop dashboards to track KPIs.

Security Incident Detection and Response:

• Participate in the root cause analysis and remediation activities.
• Participate in red, blue and purple team exercises and cyber war games.
• Improve efficiency of security operations processes and procedures through use case development and automation.

Your ideal background:

• Previous experience in Cybersecurity Operations (SOC) automation
• Strong background in Splunk ES  scripting (i.e. Python, PowerShell and/or JSON, API, SQL, etc) and manual log analysis
• Experience working with security tools including  Microsoft )365, Azure, AWS, CrowdStrike, Splunk ES and Splunk SOAR
• Strong knowledge of networks and servers (Windows/Unix) fundamentals
• Good understanding of MITRE ATT & CK framework.
• Solid understanding of NIST Cyber Security Framework or ISM.
• Good understanding of Cyber Security best practices and ideally a background in incident management and incident response
• Splunk professional certs highly advantageous

This role will be offered as a permanent position and can be based in most capital cities – work arrangement will be hybrid. The salary on offer is competitive.

Interested? Apply by sending your CV to Silvia at Balance Recruitment

Balance Recruitment is committed to equal opportunity employment.  We celebrate diversity and encourage people from all sections of the community to apply.