Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760)

Full-time, 48000 - 84000 € / year (estimated), no remote work possible

At a glance

  • Tasks: Develop and oversee threat detection content for Cloud and API Security using Splunk.
  • Employer: Join a dynamic team focused on enhancing cybersecurity through innovative solutions.
  • Employee benefits: Enjoy remote work flexibility and the chance to work with cutting-edge technology.
  • Why this job: Make a real impact in cybersecurity while collaborating with a passionate team.
  • Desired qualifications: Experience with Splunk, API Security, and Cloud Security is essential.
  • Other information: Must be a US Citizen or valid Green Card holder; no visa sponsorship available.

The expected salary is between 48000 and 84000 € per year.

Sr. Splunk Threat Content Developer – Cloud and API Threat Detection – Remote

The Splunk Threat Content Developer will develop, implement, and oversee content development for threat detection, threat analysis, and threat investigations focused on Cloud Security and API Security. Bring your Splunk content engineering experience in threat detection, threat analysis, threat investigation, and Splunk security analytics for Cloud (Azure, AWS, SaaS, IaaS, PaaS) as well as API Security / OWASP threats.

Responsibilities:

  • Lead Splunk content development focused on Threat (detection, analytics, investigation, and response) for Cloud Security (SaaS / IaaS / PaaS) and API Security (OWASP) threat use cases.
  • Focus on: Cloud and API Threat Detection engineering, Content engineering, Splunk Enterprise Security, Cloud and API Security Threat content (OWASP, API Security, Cloud Security, and Healthcare security).
  • Develop and implement Custom Splunk content and dashboards for analysts on emerging Cloud/API threats.
  • Provide threat visibility and awareness for Cyber Security organization for new security capabilities.
  • Engineer Splunk content for Cloud / API Security threat detection, alerting, dashboards, IR runbooks, and automation.
  • Develop Splunk Content for Cloud / API Security threat use cases (cloud, container, or orchestration misconfiguration, OWASP vulnerabilities, Injection Flaws, insecure network policies, logging & monitoring / runtime threats, supply chain flaws, cloud IAM roles, Account hijacking, Data exfiltration).
  • Cloud Identity Management, privileged access escalation, Key Management threat scenarios.
  • Engineer Splunk content to monitor continuously for anomalous API traffic and remediate threats in near real time.
  • Engineer Splunk content for API Security Threat use cases (Broken authentication / access controls, security misconfigurations, automated threats, unsafe API consumption, Injection, request forgery, etc.).
  • Engineer cloud threat Splunk correlation searches which provide the alerting mechanisms used by the SOC.
  • Review newly ingested data sources for potential security alerts and create dashboards.

Qualifications, skills, and experience:

  • Splunk experience and certifications.
  • Strong experience in Splunk content development, building dashboards, reports and lookup tables.
  • Experience with API Security, Cloud Security, and OWASP.
  • Familiarity with Cloud Security (Azure) and / or Cloud Security Posture Management (CSPM).
  • Programming experience (Splunk SPL, Python, Java, C++, Perl, HTML, CSS, Ansible, other).
  • Expertise in large scale cyber security data analytics, identifying data-driven threat collection opportunities.
  • Implementation, Operation and/or Management of SIEM solutions.
  • Experience with common enterprise IT tools and logs (AD/AAD, IAM/MFA, CSPM, etc.).
  • Experience with Windows and Linux tools.
  • Security certifications (GIAC/SANS, ISC(2), EC-Council, etc.).
  • Experience with automating common repeatable tasks using a variety of tools and methods.
  • Information security analysis experience in a Cyber Security Operations Center (CSOC).

Soft skills:

  • Ability to collaborate with others, leveraging many project approaches (Agile/Scrum, Waterfall, Gantt Charts).
  • Comfortable working remotely with team members around the country. Self-starter with intellectual curiosity.
  • Development of technical documents or presentations – IR/SOC threat runbooks.

LOGISTICS:

  • Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.
  • COVID-19 Vaccine and Booster Required – OR must provide valid medical exemption from doctor in advance.
  • Must be able to successfully pass a 12-panel drug screen, 10-year background check, employment verification.
  • You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.
  • W2 only – No sub vendors. Sponsorship NOT available.
  • Must have direct contact information on resume (phone / email) to be considered.


Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760) Employer: ITmPowered

As a leading employer in the cybersecurity field, we offer a dynamic and inclusive work culture that fosters innovation and collaboration among our remote team members. Our commitment to employee growth is evident through continuous learning opportunities and access to cutting-edge technologies, particularly in Cloud and API Security. Join us in a role that not only challenges you but also allows you to make a meaningful impact in safeguarding digital environments across the nation.

Contact person:

ITmPowered HR Team

StudySmarter application tips 🤫

How to get the job: Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760)

Tip Number 1

Make sure to showcase your hands-on experience with Splunk and any relevant certifications you hold. Highlight specific projects where you've developed content for threat detection, especially in cloud and API security.

Tip Number 2

Familiarize yourself with the latest trends and threats in Cloud Security and API Security, particularly OWASP vulnerabilities. Being able to discuss recent developments in these areas during an interview can set you apart.

Tip Number 3

Demonstrate your programming skills by preparing examples of how you've used languages like Python or SPL to automate tasks or develop dashboards. This practical knowledge is crucial for the role.

Tip Number 4

Since this position requires collaboration with remote teams, be ready to discuss your experience working in Agile or Scrum environments. Share examples of how you've successfully collaborated on projects from a distance.

These skills make you a top applicant for the position: Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760)

Splunk Content Development
Cloud Security (Azure, AWS, SaaS, IaaS, PaaS)
API Security
OWASP Threats
Threat Detection Engineering
Custom Splunk Dashboards
Cyber Security Analytics
Programming (Splunk SPL, Python, Java, C++, Perl, HTML, CSS, Ansible)
SIEM Solutions Management
Data Analysis in Cyber Security
Collaboration Skills
Agile/Scrum Methodologies
Technical Documentation Development
Security Certifications (GIAC/SANS, ISC(2), EC-Council)
Automation of Tasks

Tips for your application 🫡

Highlight Relevant Experience: Make sure to emphasize your experience with Splunk content development, API Security, and Cloud Security in your application. Use specific examples that demonstrate your expertise in these areas.

Showcase Technical Skills: List your programming skills clearly, especially in Splunk SPL, Python, and any other relevant languages. Mention any certifications you hold related to Splunk or cybersecurity to strengthen your application.

Tailor Your Resume: Customize your resume to align with the job description. Focus on the responsibilities mentioned, such as developing dashboards and threat detection content, and ensure your achievements reflect these tasks.

Include Contact Information: Ensure your resume includes direct contact information (phone and email) as specified in the job listing. This is crucial for being considered for the position.

How to prepare for an interview at ITmPowered

Showcase Your Splunk Expertise

Make sure to highlight your experience with Splunk, especially in content development and security analytics. Be prepared to discuss specific projects where you've implemented Splunk solutions for threat detection and how they contributed to overall security.

Demonstrate Knowledge of Cloud and API Security

Familiarize yourself with the latest trends and threats in Cloud and API security, particularly OWASP vulnerabilities. Discuss any relevant experience you have in these areas and be ready to provide examples of how you've addressed these challenges in past roles.

Prepare for Technical Questions

Expect technical questions related to programming languages like Python or Java, as well as your understanding of SIEM solutions. Brush up on your coding skills and be ready to solve problems on the spot or explain your thought process clearly.

Emphasize Collaboration and Soft Skills

Since this role involves working remotely with a team, highlight your ability to collaborate effectively. Share examples of how you've worked in Agile or Scrum environments and how you communicate with team members to achieve project goals.

Application deadline: 2027-02-01
