Staff Splunk Detection Engineer
ServiceNow
- Dublin
- Permanent
- Full-time
- Build threat detection use cases leveraging threat intelligence and incident response data.
- Document products and deliver demos to operational teams.
- Work directly with security platform engineering teams, platform development teams, and product managers on requirements and future product roadmaps.
- Collaborate with other detection engineers and incident responders on new detections.
- Design and build systems in a variety of public cloud ecosystems.
- Provide input on future products for a digital transformation cloud company.
- Work with a data scientist on training novel ML models for detection use cases.
- Overall 8 years of experience in Security Engineering or Security Operations.
- At least 4 years of experience writing advanced power-user queries in Splunk, including creating field extractions with regex.
- At least 1 year of experience working with public cloud technology SaaS (AWS/Azure/GCP).
- Bachelor's degree in a technical science or equivalent project/work experience.
- Familiar with incident response / digital forensics processes.
- Knowledge of or experience in SOAR (Security Orchestration, Automation and Response) concepts.
- Experience in or working directly with security operations teams.
- A high degree of interpersonal skill is required, given that this role will interact with many teams.
- Familiarity with the ServiceNow platform is preferred.
- Open mind for exploring new ideas for automating repetitive manual tasks.