Senior Splunk Security Engineer

About JLL -

We're JLL-a leading professional services and investment management firm specializing in real estate. We have operations in over 80 countries and a workforce of over 98,000 individuals around the world who help real estate owners, occupiers and investors achieve their business ambitions. As a global Fortune 500 company, we also have an inherent responsibility to drive sustainability and corporate social responsibility. That's why we're committed to our purpose to shape the future of real estate for a better world. We're using the most advanced technology to create rewarding opportunities, amazing spaces and sustainable real estate solutions for our clients, our people and our communities.

Our core values of teamwork, ethics and excellence are also fundamental to everything we do and we're honored to be recognized with awards for our success by organizations both globally and locally.

Creating a diverse and inclusive culture where we all feel welcomed, valued and empowered to achieve our full potential is important to who we are today and where we're headed in the future. And we know that unique backgrounds, experiences and perspectives help us think bigger, spark innovation and succeed together.

If this job description resonates with you, we encourage you to apply even if you don't meet all of the requirements below. We're interested in getting to know you and what you bring to the table!

The Senior Splunk Security Engineer will serve as both a Splunk subject matter expert and as a detection engineer. The position will be heavily oriented toward engineering and automation, primarily assisting with on-going efforts to deploy Splunk and related infrastructure, while also working to enable priority detection use-cases. Over time the position will transition to a more balanced mix of engineering and 'purple-team' oriented security analytics and threat detection.

The ideal candidate will be highly technical and analytical, enjoy building things, with an in-depth knowledge of Splunk architecture and administration. A strong understanding of common attacker TTPs and the Mitre ATT&CK framework is a plus.

Job Responsibilities

The Senior Splunk Security Engineer position will support the following activities either through active ownership or in a supporting role.

Support the deployment, configuration, administration, and maintenance of Splunk Cloud, Splunk Enterprise Security, and Splunk SOAR platforms. Onboard new data sources, ensuring data is parsed, normalized, matched to data models and accelerated, as appropriate. Assist in the creation and management of Splunk knowledge objects. Collaborate with red team, threat intel team, incident responders, threat hunters, and SOC analysts to create and implement detection use-cases in Splunk Enterprise Security. Integrate Splunk SOAR with existing infrastructure and applications and support workbook and playbook creation. Build appropriate Splunk infrastructure performance monitoring dashboards and alerts Drive automation so a greater proportion of your time can be spent on detection engineering, and less time is spent on Splunk administration and maintenance.

Education

• Bachelor's degree or equivalent combination of education and experience
• Splunk and relevant security certifications a plus

Experience

• 5+ years information technology experience
• 3+ years detection engineering, security engineering, or similar experience
• 2+ years administering a Splunk Enterprise Security deployment
• Splunk Heavy Forwarder, Deployment Server, Universal Forwarder administration experience desired
• Splunk SOAR (previously Phantom) experience desired
• Cribl Stream experience desired

Skills (Required)

• Splunk administration skills, including proficiency w/ Splunk stack (e.g. Splunk Cloud, ES, SOAR, HF, DS, UF, etc)

Skills (Desired)

• Understanding of common TTPs and detection methodology
• Ability to research, develop, and implement detection use-cases in Splunk Enterprise Security
• Proficiency in at least one interpreted scripting language (e.g. Python, JS, Ruby, PowerShell)
• Proficiency in using and administering Linux servers
• Experience working in at least one of Azure or AWS
• Previous experience administering and troubleshooting Kubernetes clusters and containers
• Previous experience building, administering, or troubleshooting CI/CD pipelines

Benefits:

Our benefits are a good reason to come to JLL.

We are committed to hiring the best, most talented people in our industry, and then empowering them with the resources and support to enhance their health, financial and personal well-being. Our underlying benefits philosophy is this: be fair to our people, and provide opportunities for those who take advantage of our programs and resources to lower their health costs and increase their personal and financial security.

Benefits to eligible employees, include:

• 401(k) plan with matching company contributions
• Medical, Dental & Vision Care
• 6 weeks of paid parental leave at 100% of salary
• Paid Time Off and Company Holidays
• Flexible Work Arrangements may be available
• Executive Benefits

What you can expect from us

We succeed together and believe the best inspire the best, so we invest in supporting each other, learning together and celebrating our success.

Our Total Rewards program reflects our commitment to helping you achieve your career ambitions, recognizing your contributions, investing in your well-being and providing competitive benefits and pay.

We can't wait to see where your ambitions take you at JLL. Apply today!

JLL Privacy Notice

Jones Lang LaSalle (JLL), together with its subsidiaries and affiliates, is a leading global provider of real estate and investment management services. We take our responsibility to protect the personal information provided to us seriously. Generally the personal information we collect from you are for the purposes of processing in connection with JLL's recruitment process. We endeavour to keep your personal information secure with appropriate level of security and keep for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely.

For more information about how JLL processes your personal data, please view our Candidate Privacy Statement.

For additional details please see our career site pages for each country.

For employees in the United States, please see a fully copy of our Equal Employment Opportunity and Affirmative Action policy here.

This position may require you to be fully vaccinated against COVID-19. If required, you'll be asked to provide proof that you're fully vaccinated upon your start date. You're considered fully vaccinated two weeks after you receive the second dose of a two-dose vaccine series (e.g., Pfizer or Moderna) or two weeks after a single-dose vaccine (e.g., Johnson & Johnson/Janssen). Failure to provide proof of vaccination may result in termination.

Jones Lang LaSalle ("JLL") is an Equal Opportunity Employer and is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process - including the online application and/or overall selection process - you may contact us at Accommodation Requests. This email is only to request an accommodation. Please direct any other general recruiting inquiries to our Contact Us page > I want to work for JLL.