Key skills
PythonBashPowerShellAWSAzureAzure MonitorAzure ADEntra IDOktaActive DirectorySplunkPerformance Optimization
About this role
BrothersTech is seeking a highly skilled Splunk Engineer to design, implement, maintain, and optimize enterprise Splunk environments. The ideal candidate will have expertise in Splunk Enterprise, SIEM operations, and automation.
Responsibilities:
- Administer and maintain enterprise Splunk environments
- Onboard and normalize security and infrastructure logs
- Develop detection rules and correlation searches
- Create dashboards and executive reports
- Optimize search performance and index management
- Support SOC teams during investigations
- Implement Splunk ES use cases and threat detection content
- Automate operational tasks and integrations
- Troubleshoot ingestion and performance issues
Requirements:
- 5+ years of hands-on Splunk experience
- Splunk Enterprise Administration
- Splunk Cloud Administration
- Indexer Cluster Management
- Search Head Clustering
- Deployment Server Management
- Forwarder Management (UF/HF)
- Data Onboarding & Parsing
- Knowledge Object Management
- Splunk Enterprise Security (ES)
- Security Monitoring
- Threat Detection
- Threat Hunting
- Incident Investigation
- Use Case Development
- Correlation Searches
- Risk-Based Alerting (RBA)
- MITRE ATT&CK Framework
- SOC Operations
- Advanced SPL Query Writing
- Dashboard Development
- Reports & Alerts
- Data Models
- CIM (Common Information Model)
- Performance Optimization
- Windows Security Logs
- Linux Syslogs
- Active Directory
- Azure AD / Entra ID
- AWS CloudTrail
- Azure Monitor
- Okta
- Palo Alto Firewalls
- Cisco Devices
- CrowdStrike Falcon
- Microsoft Defender
- Python
- PowerShell
- Bash
- REST APIs
- Splunk SOAR (Phantom)
- Cribl Stream
- Microsoft Sentinel
- QRadar Migration Experience
- Elastic Stack
- AWS Security Services
- Detection Engineering
- Threat Intelligence Integration