ITmPowered Consulting

Splunk Threat Content Developer – Cloud API Threat Detection (BHJOB22048_760)

ITmPowered Consulting, Seattle, Washington, US 98127


Overview

The Splunk Threat Content Developer will develop, implement, and oversee content for threat detection, threat analysis, and threat investigation focused on Cloud Security and API Security. Bring your expertise in Splunk content engineering for threat detection, threat analysis, threat investigation, and Splunk Security Analytics, covering Cloud (Azure, AWS, SaaS, IaaS, PaaS) as well as API Security and OWASP threats.

Responsibilities

- Lead Splunk content development for threat detection, analytics, investigation, and response related to Cloud Security (SaaS / IaaS / PaaS) and API Security (OWASP).
- Develop and implement custom Splunk content and dashboards for emerging Cloud/API threats.
- Provide threat visibility and awareness for the Cyber Security organization.
- Engineer Splunk content for Cloud and API Security threat detection, alerting, dashboards, IR runbooks, and automation.
- Create content for specific threat use cases such as cloud misconfigurations, OWASP vulnerabilities, injection flaws, insecure network policies, and more.
- Monitor and analyze ingested data sources for security alerts and develop dashboards accordingly.

Qualifications and Skills

- Splunk experience and certifications.
- Strong skills in Splunk content development, dashboards, reports, and lookup tables.
- Experience with API Security, Cloud Security, and OWASP.
- Familiarity with Cloud Security (Azure) and CSPM.
- Programming skills in SPL, Python, Java, C++, Perl, HTML, CSS, Ansible, etc.
- Experience in large-scale cyber security data analytics and SIEM solutions.
- Knowledge of enterprise IT tools and logs (AD/AAD, IAM/MFA, CSPM).
- Security certifications such as GIAC/SANS, ISC(2), EC-Council.
- Experience automating tasks and working in a Cyber Security Operations Center (CSOC).

Soft Skills

- Collaboration skills; familiarity with Agile/Scrum, Waterfall, and Gantt charts.
- Ability to work remotely; self-starter with a curious mind.
- Experience developing technical documents and threat runbooks.

Logistics

- Remote work within the US, preferably Colorado or Georgia.
- COVID-19 vaccination and booster required, or a valid medical exemption.
- Must pass a drug screen, background check, and employment verification.
- Must be a US citizen or Green Card holder; no visa sponsorship available.
- W2 employment only; no sub vendors.
- Include contact info (phone/email) on your resume.

To apply, email your details to careers@itmpowered.com.
