Senior Splunk Security Engineer

Cubic Corporation · San Diego, CA

Company

Cubic Corporation

Location

San Diego, CA

Type

Full Time

Job Description

Business Unit:

Cubic Corporation

Company Details:

Cubic offers an opportunity to provide innovative technology for government and commercial customers around the globe, helping to solve their future problems today. We're the leading integrator of payment and information technology and services for intelligent travel solutions worldwide, and the leading provider of realistic combat training systems, secure communications and networking and highly specialized support services for military and security forces of the U.S. and allied nations. If you have an entrepreneurial spirit and thrive in an innovative environment, we want to talk to you about your next role at Cubic! We are seeking employees inspired by technology, and motivated by the rewards of hard work, commitment, teamwork, quality, integrity, and respect. We invite you to explore opportunities with Cubic.

Job Details:

Job Summary:

The Splunk Security Engineer is responsible for the design, development, and implementation of the Splunk infrastructure as well as ongoing support operations and maintenance activities. The operational Splunk environment will continue to go through revisions to meet requirement demands. The Splunk Security Engineer is responsible for designing and executing these changes to implement the future state of Splunk for the organization. They will participate in the Cubic Incident Response Team and work directly with the Security Engineering team to support and ensure the effectiveness and usefulness of the Splunk infrastructure. The Splunk Security Engineer is the Splunk subject matter expert at Cubic.

Essential Job Duties and Responsibilities:

  • Design, build, maintain, and tune our Splunk Cloud infrastructure.
  • Maintain Splunk application and dashboard development using complex data searches.
  • Perform optimization of Splunk applications to reduce the impact on resources.
  • Perform technical architecture review of the Splunk software environment and deployment, technical configuration of various Splunk components such as Search Heads, Indexers, and Splunk add-ons (including security add-ons), and deploying Forwarders that are responsible for ingesting data into Splunk.
  • Develop front-end searches, dashboards, and reports that are used by Security Analysts and IT engineers for advanced threat detection. This front-end development includes writing queries with Splunk's SPL (Search Processing Language).
  • Perform root-cause analysis of any issues that arise post-implementation and work on solutions related to issue fixing.
  • Perform data onboarding and manage Splunk TAs.
  • Manage complex data, specifically managing role-based access control, configuring roles, and designing data onboarding to support current and future roles.
  • Perform Splunk environment upgrades and scaling, including building out Search Head clustering or Index clustering. Scaling will also include the expansion of use cases and bringing new data sources into Splunk.
  • Perform Splunk health checks, including a review of existing deployment architecture and Splunk search performance in both cloud and on-prem environments.
  • Make necessary recommendations and corrections for the optimization of system and platform performance.
  • Manage our Splunk Premium App Enterprise Security (ES).

Minimum Job Requirements:

  • Four-year college degree in computer science/computer engineering/other related technical discipline OR equivalent years of experience in lieu of a degree.
  • Five (5)+ years of related experience. Five years of Information Security with three years of Splunk Engineering.
  • Must have experience with Splunk Enterprise Certified Admin/Splunk Cloud Certified Admin.
  • Must have extensive knowledge of Splunk Cloud environments, Security Architecture and Engineering and technical design, and Information Security Monitoring (Security Operations Center - SOC).
  • Experience working in an agile environment.
  • Experience with Regex and custom scripting.
  • Other cybersecurity certifications (Security+, GIAC (GSEC, GCIH, etc.)) are desirable.
  • Knowledge of Windows, Linux, Cloud, and Networking security.
  • Experience supporting Splunk UBA is a bonus.
  • Excellent analytical, problem-solving, and decision-making skills, applied with a solution-focused attitude, are required.
  • Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy, are expected.

The description provided above is not intended to be an exhaustive list of all job duties, responsibilities and requirements. Duties, responsibilities and requirements may change over time and according to business need.

Additional Information

(San Diego only***) Targeted full-time salary range between $116,799 - $147,268 + benefits.

***Note: Disclosure of the pay scale data as required by Labor Code Section 432.3.

The Cubic pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Worker Type:

Employee

Date Posted

06/26/2023
