Splunk Enterprise Security Engineer at Capgemini
Job Title: Security Manager – Splunk Enterprise Security Engineer
Location: N. America (Remote)
Travel: 25%
Job Description
We are seeking a highly skilled Splunk Enterprise Security Administrator with strong expertise in architecture, deployment, and management of Splunk environments. The ideal candidate will have experience in designing scalable Splunk solutions, managing day‑to‑day operations, and creating advanced content such as notable events, correlation searches, dashboards, and reports. Experience with Splunk Phantom (SOAR) for security orchestration and automation is a significant plus.
Key Responsibilities
Architecture & Deployment – Design and implement Splunk Enterprise Security architecture for large‑scale environments; lead deployments, upgrades, and integrations with security tools and data sources; ensure high availability, scalability, and performance tuning.
Administration & Management – Maintain and optimize Splunk ES environments; manage data onboarding, parsing, and normalization; implement best practices for data retention, storage, and compliance.
Content Development – Create and manage correlation searches, notable events, dashboards, and reports; develop custom SPL queries and macros; collaborate with SOC teams to enhance detection and response capabilities.
Security Automation – Utilize Splunk Phantom (SOAR) to design and implement automated playbooks for incident response; integrate SOAR workflows with Splunk ES alerts and third‑party security tools.
Monitoring & Troubleshooting – Proactively monitor Splunk health and performance; conduct root cause analysis and resolve Splunk‑related incidents.
Required Skills
3+ years of experience with Splunk Enterprise Security administration and architecture.
Strong knowledge of SPL (Search Processing Language) and advanced query development.
Experience with Splunk deployment best practices and distributed architecture.
Familiarity with SIEM concepts, threat detection, and incident response workflows.
Understanding of common security frameworks (MITRE ATT&CK, NIST, etc.).
Bonus Skills
Hands‑on experience with Splunk Phantom (SOAR) for automation and orchestration.
Scripting skills (Python, Bash, PowerShell) for automation and integration.
Desired Skills
Certifications (Preferred): Splunk Certified Architect; Splunk Enterprise Security Certified Admin; Splunk SOAR Certified Automation Developer.
Strong problem‑solving and analytical skills.
Ability to work independently and in cross‑functional teams.
Excellent communication and documentation skills.
Benefits
Flexible work
Healthcare including dental, vision, mental health, and well‑being programs
Financial well‑being programs such as 401(k) and Employee Share Ownership Plan
Paid time off and paid holidays
Paid parental leave
Family building benefits like adoption assistance, surrogacy, and cryopreservation
Social well‑being benefits like subsidized back‑up child/elder care and tutoring
Mentoring, coaching and learning programs
Employee Resource Groups
Disaster Relief
Equal Opportunity
Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.