Job Description

SIEM Splunk Security Engineer

  • 06/09/2023
  • Sydney
  • Permanent / Full Time
Your purpose in this role:

You will play a crucial part in supporting the configuration and maintenance of SIEM and EDR tools and technologies. - Sydney or Brisbane office



What your day will look like: 
  • Deploying, monitoring, and maintaining managed security tools, continuously improving capabilities and processes.
  • Providing Subject Matter Expert (SME) advice to develop managed service offerings, including assisting in scoping new offerings.
  • Collaborating with the Security Operations Centre staff to recommend improvements to security coverage, log source onboarding, use case development, and toolset training.
  • Enhancing the quality of dashboards and use case alerting to optimize threat detection and response.
  • Maintaining service management best practices and processes to ensure effective service delivery.
  • Staying up-to-date with emerging threats and offensive techniques to strengthen the security posture.
  • Leading continuous improvement initiatives for the platforms you maintain.
  • Assisting the Client Engagement Manager with service delivery reporting through data collection, analysis, and trend summaries.
  • Upgrading and changing security systems based on environmental monitoring and evaluation of gaps and enhancements within Service Limits.


About you and your experience:
  • A completed bachelor's degree or equivalent in computer science or information security fields.
  • Hands-on experience in onboarding log sources, building dashboards, and managing SIEM environments.
  • A strong understanding of SIEM components like Splunk, Rapid7 IDR, or Azure Sentinel.
  • Ability to create comprehensive documentation, including assessments, designs, configuration guides, tuning guides, and operational guides.
  • Familiarity with IT service management practices and processes.
  • Proficient knowledge of IP networks and the various mechanisms, appliances, and controls used to protect them.
  • Vendor qualifications in leading SIEM and/or EDR platforms.
  • Experience with common query languages used in SIEM platforms.
  • Proficiency in scripting languages.

How you can apply:
Please give Kris a call if you would like to know more on 0452 564 644
OR
Please email me your CV and I can share the job description with you - kris@decipherbureau.com
BACK APPLY