Senior Cybersecurity Specialist (Splunk Engineer)

GreenZone Cybersecurity
Riyadh, KSA
Full-time
Mid-Senior
Today
cybersecurity, information security, network security, SOC, SIEM, penetration testing
Full Job Posting

About The Role

GreenZone is looking for a talented and experienced Senior Cybersecurity Specialist (Splunk Engineer) to join our Cyber Engineering team in Riyadh, Saudi Arabia.

The successful candidate will be responsible for the creation of procedures, implementation of process development, and maintenance of security systems across both internal and client environments.

The Security Engineer will work closely with Management, Security Operations Center Analysts, Threat Analysts, Solution Architects, other Security Engineers, and clients to deliver high-profile, mission-critical services to our Managed Security Services (MSS) customers.

This position is based in Riyadh, Saudi Arabia, under the Cyber Engineering department, and will be responsible for the administration, maintenance, and integration of Security Operations Center (SOC) technologies, including SIEM, EDR, NDR, Vulnerability Assessment (VA), SOAR, and other cybersecurity platforms.

Key Responsibilities

  • Administering Splunk and Splunk Apps, including developing new Apps or extending existing ones to perform specialized functionality.
  • Integrating Splunk with a wide variety of legacy data sources.
  • Adapt to learn new SOC technologies from different vendors.
  • Engaging application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.
  • Design, implement, and support Microsoft security technologies such as Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Cloud Apps, Microsoft Sentinel, and related integrations.
  • Handle the implementation, deployment, and support of vulnerability scanning engines in coordination with Engineering, SOC, and Incident Response teams. Document vulnerabilities and support remediation activities according to agreed SLAs.
  • Managing EDR sensors, including deployment, operation, management, maintenance, update, upgrade, patching, and administration.
  • Develop correlation searches, lookups, watchlists, dashboards, and alerts to detect Indicators of Compromise, suspicious behavior, and emerging threats.
  • Assess customer needs and expectations, design solutions to meet those needs, and then implement the design.
  • Quickly build and solve a problem using a new technology to determine viability.
  • Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution.
  • Work closely with SOC team members on operational tasks and initiatives to enhance service quality.
  • Proactively work on fine-tuning false positives and enhancing the process along with other MSS teams.
  • Develop content for SOC technologies (e.g., use cases for Splunk) in cooperation with SOC.

Qualifications & Skills

  • Experience and knowledge of Splunk SIEM is essential.
  • Minimum 3 years of professional experience supporting and maintaining Splunk SIEM & Enterprise Security.
  • Any additional experience with Fortinet (SIEM, SOAR, XDR), Google Security Operations, Symantec (ASG, DLP, SMG, CASB), Netskope, Palo Alto, or Tenable will be considered a big plus.
  • 3-5 years of experience with advanced tuning of Splunk SIEM content.
  • Professional experience working with networks and network architecture.
  • Bachelor’s degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
  • Information security knowledge in one or more areas such as EDR.
  • Practical hands-on experience in EDR (e.g., Carbon Black), Vectra, and Microsoft Azure.
  • General security knowledge; Splunk Admin, Splunk Architect, or Splunk Consultant certificates are highly desirable.
  • Knowledge of Linux and Windows Operating Systems.
  • Experience with other SIEM solutions such as QRadar & LogRhythm is highly preferred.
  • Experience working with clients in a service delivery function.
  • Shift flexibility, including the ability to provide after-hours support when needed.
  • Experience working with internal and client ticketing and knowledge base systems for Incident and Problem tracking as well as procedures.

Benefits

  • Health insurance with one of the leading global providers for medical insurance.
  • Career progression and growth through challenging projects and work.
  • Employee engagement activities throughout the year.
  • Tailored training & development program.
