SecureCoders LLC · Splunk Security Engineer · Remote · Full time

Security Developer / Splunk Engineer

Description

This position will be working with several members of our team and directly with our customer, brainstorming and developing "content" for their SIEM (Splunk).


Typically, your responsibilities will be to research various MITRE ATT&CK techniques to determine if they are relevant for our customer. If relevant, the fun begins with working through trillions (not a typo) of logs to determine how we could detect those techniques being applied to our customer's networks by a malicious actor.


How do we sift through trillions of logs? We use Splunk and the SPL (Splunk Programming Language) to isolate the information we are after to generate actionable alerts, which our customer's Security Operations Center then triages.


This position is an opportunity to experience, firsthand, how a multibillion-dollar global organization works to secure its enterprise, and to be a critical part of that.


Requirements

  • Super strong independent work ethic. We are 99% remote, but we do visit our customer from time to time when meeting in person makes sense.
  • Understanding of core security principles and the desire to be constantly learning.
  • Experience with MITRE ATT&CK
  • Experience with Splunk SPL and configuration
  • Strong understanding of Linux / Networking
  • Experience with Python
  • Experience with cloud security



What It's Like to Work at SecureCoders


We are a close group of highly technical individuals. Half of us have the ability to hack just about any web app you put in front of us, others are experts in DevOps and building awesome applications from scratch.


SecureCoders offers excellent compensation with full benefits (80% paid by employer) as well as life insurance and a 401(k).


We are a fully remote team that tries to get the whole crew together 2 times a year to have fun and generally do a hackathon. For example, this winter the whole crew is headed to ShmooCon!!!