Threat Detection Engineer (Splunk)
Peoplebank
Date: 9 hours ago
City: Docklands, Victoria
Contract type: Contractor

Job Title: Splunk Detection Engineer
Location: Melbourne CBD
Employment Type: 6 month contract (Day rate or salaried options available)
Role Overview
We are seeking a highly skilled and motivated Splunk Detection Engineer to join our banking client's Cyber Detection & Hunting team. This role is pivotal in developing and maintaining advanced cyber threat detection and hunting capabilities, ensuring robust security across the client's Splunk environment and the systems it monitors.
Core Responsibilities
- Develop and maintain cyber threat detection and hunting capabilities in Splunk.
- Research, innovate, and uplift threat detection and hunting methodologies.
- Design and maintain attack and use case models tailored to the client's systems for detection and monitoring.
- Build and sustain continuous validation and assurance mechanisms for the detection and hunting pipeline.
- Maximize detection visibility, coverage, and ROI to uphold a defensible security architecture.
- Create threat/attack models to represent and detect known attack vectors.
- Collaborate with Threat Intelligence, Incident Response, and Cyber Orchestration teams to prioritize and enhance detection and automation capabilities.
- Partner with the Red Team to test and validate detection effectiveness.
Skills and Experience
- 5+ years in a CSOC, Cyber Detection, Threat Hunting, or SOAR development role.
- 5+ years developing detections within SIEM environments, particularly Splunk ES.
- 2+ years hands-on experience with Splunk.
- Proficiency with security tools such as endpoint detection and response systems, and network anomaly detection.
- Experience with cloud and SaaS platforms (AWS, Azure, M365, Entra ID) and understanding of associated threats.
- Expertise in designing and implementing threat/attack models to derive abuse cases, detection logic, and automated responses.
- Strong adversarial mindset with the ability to think like a threat actor.
- Proven track record in developing detection and hunting strategies for diverse cyber threats (malware, DDoS, phishing, lateral movement, data exfiltration), ideally in Financial Services or similar sectors.
- Experience in large, complex environments.
- Excellent consulting and stakeholder management skills.
- Energetic, proactive work ethic.
- Participation in penetration testing/red teaming exercises is a plus.
Frameworks and Methodologies
- NIST Cybersecurity Framework
- MITRE ATT&CK
- Lockheed Martin Cyber Kill Chain or similar methodologies
This is a unique opportunity to work with a cutting-edge Cyber Detection & Hunting team, contributing to the evolution of cyber defense strategies in a dynamic and innovative environment. You'll be part of a collaborative culture that values continuous learning, creativity, and impact. Benefits include: an EAP program, a dedicated contractor care team, weekly pay and hybrid work arrangements.