Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Sr SIEM - Splunk SME

AT Abnormal Security
Abnormal Security

Sr SIEM - Splunk SME

Bangalore, India

About the Role

Abnormal Security is looking for a Sr. SIEM/Detection Engineer to join the Security & Privacy team. As a leading cybersecurity company, it is imperative we find, analyze, and respond to threat actor’s attacks and leverage the lessons learned to enhance and improve our detection capabilities to catch new and novel attacks. In this role, you will play a crucial role in designing, developing, and implementing automated solutions within Splunk to enhance incident response, threat detection, and remediation processes. You will collaborate with cross-functional teams to optimize incident response workflows, develop custom dashboards and visualizations, and ensure the smooth operation of our SIEM infrastructure. Additionally, you will be responsible for maturing Splunk data models and refining detection lifecycle processes to improve threat detection capabilities.

What you will do 

Want more jobs like this?

Get Data and Analytics jobs in Bangalore, India delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.
  • Mission Control Automation Development: Design, develop, and implement automated solutions within Splunk Mission Control to streamline incident response, threat detection, and remediation processes.
  • Custom Dashboard Creation: Build custom dashboards and visualizations within Splunk to provide actionable insights for incident analysis and monitoring. Build capabilities to present analyst performance data to measure detection efficacy and response times.
  • Incident Response Optimization: Collaborate with cross-functional teams to identify opportunities for improving incident response workflows and develop automated solutions to enhance efficiency.
  • Continuous Monitoring and Maintenance: Monitor the performance and health of the SIEM infrastructure, troubleshoot issues, and implement necessary optimizations to ensure smooth operation.
  • Documentation and Training: Document automated workflows, best practices, and standard operating procedures for Cyber Defense analysts. Provide training and support to enable team members to effectively utilize automated solutions.
  • Detection Lifecycle Processes: Develop and implement detection lifecycle processes, including tuning and refinement of detection rules, to improve the accuracy and efficacy of threat detection capabilities.
  • Splunk Data Model Maturation: Collaborate with stakeholders to enhance and mature Splunk data models to align with evolving business requirements and improve data analysis capabilities.

Must Haves 

  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations.
  • 5+ years of experience in the security domain, including both a detailed understanding of attacker techniques and tracking the threat actors behind specific campaigns.
  • Demonstrated experience with Splunk Enterprise and Mission Control, including the ability to develop complex searches, dashboards, and reports.
  • Strong scripting skills (e.g., Python, PowerShell) with experience in automating tasks and processes within Splunk Mission Control.
  • Deep understanding of incident response methodologies and best practices, with the ability to translate these into automated workflows within SIEM and SOAR solutions.
  • Excellent problem-solving skills with a proactive approach to identifying and resolving technical challenges.
  • Strong interpersonal skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Proven ability to collaborate with cross-functional teams.

Nice to Have 

  • Advanced degree in Computer Science, Engineering, or Cybersecurity.
  • OSCP, OSCE, or GPEN, GCIH, GCPN, GWAPT certifications.
  • Splunk certifications such as Splunk Certified Power User or Splunk Certified Admin would be advantageous.
  • Familiarity with other security tools and technologies such as IDS/IPS, EDR solutions, etc., to integrate with Splunk Mission Control.
  • Experience working with cloud platforms (e.g., AWS, Azure, GCP) and integrating Splunk Mission Control with cloud-based services.
  • Understanding of machine learning and artificial intelligence concepts, with the ability to leverage these technologies to enhance automated processes within Splunk.
  • Knowledge of DevOps practices and tools for automation, continuous integration, and continuous deployment (CI/CD) pipelines.

LI - #AB2

Client-provided location(s): Bengaluru, Karnataka, India
Job ID: 6352212003
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • Fitness Subsidies

  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave

  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities

  • Office Life and Perks

    • Casual Dress
    • Happy Hours
    • Snacks
    • Some Meals Provided
    • Company Outings
    • Commuter Benefits Program

  • Vacation and Time Off

    • Paid Vacation
    • Unlimited Paid Time Off
    • Paid Holidays
    • Personal/Sick Days

  • Financial and Retirement

    • 401(K)
    • Company Equity
    • Performance Bonus

  • Professional Development

    • Promote From Within
    • Mentor Program
    • Shadowing Opportunities
    • Access to Online Courses
    • Lunch and Learns

  • Diversity and Inclusion

    • Founder led

Search Additional Jobs

Sr SIEM Jobs in Bangalore, IndiaJobs in Bangalore, IndiaData and Analytics Jobs in Bangalore, India