Senior Security Engineer - Splunk, Cribl & Azure Sentinel

The company, an e& enterprise company, is looking for a talented and experienced Senior Security Engineer who will be responsible for the creation of procedures, implementation of process development, and maintenance of security systems across internal and client environments. The Security Engineer will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, other Security Engineers, and clients to complete high-profile, critical services for existing Managed Security Service clients. The Senior Security Engineer will oversee the administration, maintenance, and integration of Splunk, Cribl, Azure Sentinel, and EDR platforms for technical analysis, assessment, and recommendations related to real-time security, operational network and identity management systems, and application security monitoring.

Responsibilities:

• Administer Splunk and Splunk Apps, including developing new or extending existing Apps for specialized functionality.
• Integrate Splunk with various legacy data sources.
• Collaborate with application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.
• Design, implement, and support solutions with Microsoft security technologies including Azure Cloud Access Security Broker, Office 365 Advanced Threat Protection, and Microsoft Defender ATP.
• Implement and administer Microsoft Defender (ATP), Azure Cloud Access Security Broker, and Azure Threat Protection security products within customer environments.
• Manage and oversee day-to-day activities of the Azure IP platform ensuring adherence to project execution methodology and quality assurance standards.
• Handle implementation and support of vulnerability scanning systems such as Nessus scan engines and Tenable Security Center.
• Maintain local and network credentials, provision access to vulnerability scanning systems, and document vulnerabilities.
• Create watchlists to detect indicators of compromise (IOCs) and respond to malicious behavior.
• Serve as the primary responder for Managed Security customer systems, taking ownership of client configuration issues.

Qualifications & Skills:

• College degree or equivalent training with experience in a Security Operations Center or Managed Security.
• Minimum 7 years of professional experience supporting and maintaining SPLUNK SIEM System; 5-6 years with advanced tuning of Splunk content; experience in Cribl.
• Knowledge of EDR products, information security, and Microsoft Azure technologies.
• Experience with various SIEM security products (e.g., ArcSight, Nitro) and infrastructure components (e.g., proxies, firewalls, IDS/IPS).
• Shift flexibility, including after-hours support when needed.
• Experience with internal and client ticketing systems for Incident and Problem tracking.

Benefits:

• Health insurance with leading global providers.
• Career growth through challenging projects and work.
• Employee engagement and wellness campaign activities.
• Excellent learning and development opportunities.
• Annual flight tickets to home country.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Open door policy.

About Us:
The company is the cybersecurity arm of e& enterprise and offers strategic consultancy combined with tailored information security services to enterprise businesses and governments across the Middle East. Established as a trusted IT security advisor, the company remains vendor-agnostic and cybersecurity-focused to enhance clients' cyber defenses.