LEVELOCITIRemote
Senior Security Platform Engineer (Splunk)
United States
Full Time
2 hours ago
$110,000 - $160,000 USD
H1B Sponsor
Key skills
PythonPowerShellSplunkSaaSCommunicationFirewall
About this role
LEVELOCITI is an established national IT solutions integrator supporting mid-market and enterprise clients across various sectors. They are seeking a Senior Security Platform Engineer to lead and evolve the data platform for their Security Network Operations Center, focusing on Splunk architecture, data ingestion, and security automation.
Responsibilities:
- Own and administer Splunk Cloud and Splunk Enterprise Security across multiple customer environments
- Design and scale secure data ingestion (Universal Forwarders, HEC, parsing, CIM mapping)
- Ensure log data quality and reliable telemetry coverage
- Build and tune correlation searches and detection logic
- Develop and maintain SOAR playbooks and automation workflows
- Manage threat intelligence feeds and enrichment processes
- Collaborate with SOC teams to identify detection gaps and improve visibility
- Serve as a senior escalation point for platform-related issues
- Support customer onboarding and platform expansion
- Evaluate new tools to strengthen and modernize the security platform
Requirements:
- Strong hands-on SIEM or security platform engineering experience within production environments
- Strong experience administering Splunk Cloud and Splunk Enterprise Security
- Proven background onboarding and normalizing log data at scale (UF, HEC, parsing, CIM)
- Experience building and tuning correlation searches, risk rules, and detection logic
- Hands-on experience developing or maintaining SOAR playbooks and automation workflows
- Familiarity with threat intelligence ingestion and enrichment processes
- Experience working with common security telemetry sources (Windows, Linux, firewall, EDR, cloud, SaaS, identity)
- Scripting ability in Python, PowerShell, or similar for automation and data handling
- Experience operating in a managed services or multi-environment setting
- Strong communication skills and ability to support both internal teams and customers
- Splunk or security-related certifications
- Experience supporting multi-tenant environments
- Prior Managed Services or SOC experience