Senior Splunk Engineer

Role Title: Senior Splunk Engineer Start Date: ASAP End Date: 12 Months Daily Rate: $1100 - 1200 + Super Location : Sydney CBD / WFH Hybrid About You: Previous experience within a SOC or detection engineering role within a large enterprise.
Expert experience with Splunk Enterprise Security and its components (Splunk RBA, Splunk Threat Intelligence Framework etc.)
Expert experience with writing custom Microsoft Defender for Endpoint and Azure Sentinel rules, including development of KQL for custom detection rules and policy configuration.
Solid experience with AttackIQ and scripting attacker techniques to validate detections.
Understanding of security architecture and controls, their capabilities, and limitations.
Solid understanding of the cyber detection engineering lifecycle, from research and development, to testing, deployment, and maintenance of detection logic.
Solid understanding of cyber security frameworks such as MITRE ATT&CK and MITRE D3FEND.
Key Accountabilties: Leverage technologies such as Splunk Enterprise Security (especially Risk Based Alerting), Microsoft Defender for Endpoint and AttackIQ to develop, test, deploy and maintain custom detections.
Lead detection threat hunts based on threat intelligence and ongoing red/purple team engagements, to validate existing security controls and custom detections to inform future detection engineering activities.
Provide technical leadership to the broader team, being a point for escalation and mentoring for team members.
Work collaboratively across the broader Detection & Response teams and project teams, to improve our detection capabilities and improving our processes.
Sounds like you?
Great!
Click apply and remember to attach an updated version of your CV.