Senior Security Engineer - Splunk, Cribl & Azure Sentinel
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Help AG is seeking a Senior Security Engineer to administer Splunk, Cribl, Azure Sentinel, and EDR platforms for managed security services. The role involves integrating security technologies, managing vulnerability scanning, and supporting client environments.
Key Skills for This Role
Responsibilities
- Administer Splunk and Splunk Apps, including developing new or extending existing Apps for specialized functionality
- Integrate Splunk with a wide variety of legacy data sources
- Design, implement, and support solutions with Microsoft security technologies such as Azure Cloud Access Security Broker, O365 ATP, Microsoft Defender ATP
- Implement & administer Microsoft Defender (ATP), Azure Cloud Access Security Broker & Azure Threat Protection security products within customer environment
- Handle the implementation/deployment/support of Nessus scan engines and Tenable Security Center
- Maintain local and network credentials, Tenable Security Center, and provisions access to vulnerability scanning systems
- Integrate Nessus/TSC with other security and IT systems management tools
- Document vulnerabilities and work on vulnerability mitigation with agreed SLA
- Manage CB sensors including deployment, operation, management, maintenance, update, upgrade, patching, and administration
- Create watchlists to detect indicators of compromise (IOCs) and malicious behavior of new threats
- Assess customer needs and expectations, design solutions to meet those needs, and then implement the design
- Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution
Requirements
- Minimum 7 years of professional experience supporting and maintaining SPLUNK SIEM System
- 5 6 years of experience with advanced tuning of Splunk SIEM content
- Experience in Cribl
- Professional experience working with networks and network architecture
- College degree or equivalent training with experience in a Security Operations Center, Managed Security, or client network environment
- Information security knowledge in one or more areas such as EDR
- Practical hands on experience in EDR (Carbon Black), Vectra, and Microsoft Azure
- Splunk, Azure Log analytics, or equivalent big data engine experience
- Experience with MS Azure Information Protection and technologies
- Certifications on Splunk Admin, Splunk Architect, Splunk Consultant is a must
- Knowledge of Linux and Windows Operating Systems
- Experience with various other SIEM security products such as Splunk, ArcSight, Nitro, or LogRhythm
Full Job Posting
Overview
- Help AG is looking for a talented and experience Senior Security Engineer who will be responsible for the creation of procedures, implementation of process development, and maintenance of security systems across internal and client environments.
- The Security Engineer will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, other Security Engineers, and clients to complete high profile, critical services to existing Managed Security Service clients.
- The Senior Security Engineer will be responsible for the administration, maintenance, and integration of Splunk, Cribl, Azure Sentinel, EDR platforms for security operations technical analysis, assessment, and recommendations.
Responsibilities
- Administering Splunk and Splunk Apps to include developing new or extending existing Apps to perform specialized functionality. Integrating Splunk with a wide variety of legacy data sources.
- Engaging application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.
- Design, implement, and support solutions with Microsoft security technologies such as Azure Cloud Access Security Broker, Office 365 Advanced Threat Protection (O365 ATP), Microsoft Defender ATP, and their integrations.
- Implement & administer Microsoft Defender (ATP), Azure Cloud Access Security Broker & Azure Threat Protection security products within customer environment.
- Handle the implementation/deployment/support of Nessus scan engines and Tenable Security Center and peripherals with Engineering, SOC, TIU, and IR.
- Maintain local and network credentials, Tenable Security Center, and provisions access to vulnerability scanning systems.
- Integrate Nessus/TSC with other security and IT systems management tools.
- Document vulnerabilities and work on vulnerability mitigation with agreed SLA.
- Managing CB sensors including deployment, operation, management, maintenance, update, upgrade, patching, and administration.
- Should be able to create watchlists to detect indicators of compromise (IOCs) and malicious behavior of new threats.
- Hands on in writing queries in CB to search the desired events.
- Assess customer needs and expectations, design solutions to meet those needs, and then implement the design.
Qualifications & Skills
- College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
- Minimum 7 years of professional experience supporting and maintaining SPLUNK SIEM System.
- 5 6 years of experience with advanced tuning of Splunk SIEM content.
- Experience in Cribl.
- Professional experience working with networks and network architecture.
- Information security knowledge in one or more areas such as EDR – Enterprise end point security products.
- Practical hands on experience in EDR (Carbon Black), Vectra, and Microsoft Azure.
- Splunk, Azure Log analytics, or equivalent big data engine experience.
- Experience with MS Azure Information Protection and technologies, including solution architecture, deployment, management, and support in a large global enterprise.
- General security knowledge, certificates on Splunk Admin, Splunk Architect, Splunk Consultant is a must. Also, good to have is Azure, Managed vulnerability (Nessus/Tenable), EDR (Carbon Black) and Firewall related security certifications.
- Knowledge of Linux and Windows Operating Systems.
- Experience with various other SIEM security products such as: Splunk, ArcSight, Nitro, or LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, and DLP.
Benefits
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement and wellness campaigns activities throughout the year.
- Excellent learning and development opportunities.
- Annual Flight tickets to home country.
- Inclusive and diverse working environment.
- Flexible/Hybrid working environment.
- Open door policy.
About Us
- Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions.
- Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
- Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor agnostic, trustworthy, independent, and cybersecurity focused.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Help AG, an e& enterprise company
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Help AG is seeking a Cybersecurity Specialist to manage and optimize Imperva Database Activity Monitoring (DAM) for a client in Riyadh. The role involves deploying agents, tuning policies, integrating with SIEM, and ensu
Senior Infrastructure Engineer
Dubai, UAE
Help AG is seeking a Senior Infrastructure Engineer to maintain MSS infrastructure including Windows/Linux servers, switches, firewalls, and cloud environments. The role involves health management, troubleshooting, patch
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Help AG is looking for a talented Associate Cybersecurity Defense Analyst to join their SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incide
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Help AG is hiring an Associate Cybersecurity Defense Analyst for its SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incidents. Candidates nee
IT Support Technician
Dubai, UAE
Help AG is seeking an IT Support Technician to maintain infrastructure and support employees. The role involves endpoint support, user onboarding, and infrastructure monitoring. Requires 1+ years of IT support experience
Offensive Cybersecurity Consultant
Dubai, UAE
Help AG is hiring an Offensive Security Consultant to perform vulnerability assessments, penetration testing, red teaming, and security research. Candidates need 3-4 years of experience, OSCP/OSCE certification, and stro
Security Consultant - Integration
Abu Dhabi, UAE
Help AG seeks an experienced Security Consultant for post-sales integration and pre-sales activities. The role involves deploying security solutions, leading projects, designing architectures, and delivering proof of con
Cyber Automation Intern
Dubai, UAE
Help AG is seeking a Cyber Automation Intern to contribute to Automation & AI initiatives within the Cyber Automation Team. The intern will work on tools like FortiSOAR, Python, AI/ML models, and APIs to automate MSS ope
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Senior Infrastructure Engineer
Dubai, UAE
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Associate Cybersecurity Defense Analyst
Riyadh, KSA
IT Support Technician
Dubai, UAE
Offensive Cybersecurity Consultant
Dubai, UAE
Security Consultant - Integration
Abu Dhabi, UAE
Cyber Automation Intern
Dubai, UAE