
Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760)

Atlanta, GA, United States

Splunk Threat Content Developer – Cloud and API Threat Detection – Remote

The Splunk Threat Content Developer will develop, implement, and oversee content development for threat detection, threat analysis, and threat investigation focused on Cloud Security and API Security. Bring your Splunk content engineering experience in threat detection, threat analysis, threat investigation, and Splunk Security Analytics for cloud (Azure, AWS, SaaS, IaaS, PaaS) as well as API Security / OWASP threats.

Responsibilities:

Lead Splunk content development focused on Threat (detection, analytics, investigation, and response) for Cloud Security (SaaS / IaaS / PaaS) and API Security (OWASP) threat use cases.

Focus on: Cloud and API Threat Detection engineering, Content engineering, Splunk Enterprise Security, Cloud and API Security Threat content (OWASP, API Security, Cloud Security, and Healthcare security).

Develop and implement Custom Splunk content and dashboards for analysts on emerging Cloud/API threats.

Provide threat visibility and awareness for Cyber Security organization for new security capabilities.

Engineer Splunk content for Cloud / API Security threat detection, alerting, dashboards, IR runbooks, and automation.

Develop Splunk content for Cloud / API Security threat use cases (cloud, container, or orchestration misconfiguration, OWASP vulnerabilities, injection flaws, insecure network policies, logging & monitoring / runtime threats, CI/CD pipeline & supply chain flaws, cloud IAM roles, account hijacking, data exfiltration).

Cover Cloud Identity Management, privileged access escalation, and Key Management threat scenarios.

Engineer Splunk content to monitor continuously for anomalous API traffic and remediate threats in near real time.

Engineer Splunk content for API Security threat use cases (broken authentication / access controls, security misconfigurations, automated threats, unsafe API consumption, injection, request forgery, etc.).

Engineer cloud threat Splunk correlation searches which provide the alerting mechanisms used by the SOC.

Review newly ingested data sources for potential security alerts and create dashboards.

Qualifications, skills, and experience:

Splunk experience and certifications

Strong experience in Splunk content development, building dashboards, reports and lookup tables.

Experience with API Security, Cloud Security, and OWASP

Familiarity with Cloud Security (Azure) and / or Cloud Security Posture Management (CSPM)

Programming experience (Splunk SPL, Python, Java, C++, Perl, HTML, CSS, Ansible, other)

Expertise in large scale cyber security data analytics, identifying data-driven threat collection opportunities.

Implementation, Operation and/or Management of SIEM solutions

Experience with common enterprise IT tools and logs (AD/AAD, IAM/MFA, CSPM, etc.)

Experience with Windows and Linux tools

Security certifications (GIAC/SANS, (ISC)², EC-Council, etc.)

Experience with automating common repeatable tasks using a variety of tools and methods.

Information security analysis experience in a Cyber Security Operations Center (CSOC)

Soft skills

Ability to collaborate with others, leveraging many project approaches (Agile/Scrum, Waterfall, Gantt Charts)

Comfortable working remotely with team members around the country. Self-starter with intellectual curiosity.

Development of technical documents or presentations – IR/SOC threat runbooks

LOGISTICS:

Work remotely anywhere in Domestic US. Preferred locations Colorado or Georgia.

COVID-19 Vaccine and Booster Required – OR must provide valid medical exemption from doctor in advance.

Must be able to successfully pass a 12-panel drug screen, a 10-year background check, and employment verification.

You will need to be a current US Citizen or valid Green Card holder. No need for visa now or in future. This role is not able to offer visa transfer or sponsorship now or in the future.

W2 only – No sub vendors. Sponsorship NOT available.

Must have direct contact information on resume (phone / email) to be considered.
