Cherokee Nation Businesses

Sr Splunk Engineer

Cherokee Nation Businesses
$150K — $160K *
US-Anywhere
Remote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Active Public Trust clearance or ability to obtain one.
  • Minimum 7 years of cybersecurity experience, 4 in Detection Engineering or Security Operations.
  • Experience in building and tuning Splunk Enterprise Security correlation searches.
  • Hands-on Risk-Based Alerting implementation experience.
  • Strong AWS security knowledge including GuardDuty, CloudTrail, and IAM.

Responsibilities

  • Design and improve Splunk Enterprise Security detection content.
  • Develop and tune correlation searches, dashboards, and workflows.
  • Implement and optimize Risk-Based Alerting strategies.
  • Partner with Incident Response teams to enhance detection content.
  • Participate in threat hunting and incident investigations.

Benefits

  • Medical, Dental, Vision insurance.
  • 401(k) retirement plan.
  • Potential for additional benefits as provided.
Full Job Description

Senior Splunk Detection Engineer

Criterion Systems, a Cherokee Federal company, is seeking a Senior Splunk Detection Engineer to support the National Science Foundation (NSF) Cybersecurity & Privacy Program.

This hands-on Detection Engineering role is responsible for improving Security Operations Center (SOC) effectiveness through high-fidelity detections, Risk-Based Alerting (RBA), alert tuning, incident response collaboration, and future security automation initiatives. The successful candidate will partner closely with Security Operations, Incident Response, Cloud Engineering, and Vulnerability Management teams to build scalable detection capabilities that reduce false positives, improve analyst efficiency, and strengthen NSF's cybersecurity posture.

Compensation & Benefits

Estimated Starting Salary Range for Senior Splunk Detection Engineer: $150,000–$160,000

Pay commensurate with experience.

Full-time benefits include Medical, Dental, Vision, 401(k), and other possible benefits as provided. Benefits are subject to change with or without notice.

Senior Splunk Detection Engineer Responsibilities Include

  • Design, build, test, and continuously improve Splunk Enterprise Security detection content.
  • Develop and tune correlation searches, notable events, adaptive response actions, dashboards, and investigation workflows.
  • Implement and optimize Risk-Based Alerting (RBA) strategies.
  • Improve detection quality while reducing false positives and minimizing false negatives.
  • Map detections to the MITRE ATT&CK Framework and maintain coverage metrics.
  • Partner with Incident Response teams to convert real-world incidents into improved detection content.
  • Participate in threat hunting, incident investigations, tabletop exercises, and purple team activities.
  • Develop cloud detections leveraging AWS GuardDuty, CloudTrail, Security Hub, IAM, EC2, S3, VPC Flow Logs, and related telemetry.
  • Maintain Common Information Model (CIM) compliance and improve data normalization.
  • Measure detection quality through precision, recall, MTTR, and analyst workload reduction.
  • Support future Splunk SOAR (Phantom) automation initiatives.
  • Integrate Splunk Enterprise Security with ServiceNow Incident Response and other security technologies.
  • Collaborate with Security Operations, Cloud Engineering, Vulnerability Management, and Incident Response teams.
  • Perform other job-related duties as assigned.

Senior Splunk Detection Engineer Experience, Education, Skills, Abilities Requested

  • Active Public Trust clearance or the ability to obtain one.
  • Minimum seven (7) years of cybersecurity experience, including four (4) years in Detection Engineering, Security Operations, Incident Response, or Splunk Enterprise Security.
  • Experience building and tuning Splunk Enterprise Security correlation searches.
  • Hands-on Risk-Based Alerting (RBA) implementation experience.
  • Practical Incident Response experience or close partnership with IR teams.
  • Strong understanding of MITRE ATT&CK.
  • Experience improving detection fidelity and reducing false positives.
  • Strong AWS security knowledge including GuardDuty, CloudTrail, Security Hub, IAM, EC2, S3, and VPC Flow Logs.
  • Proficiency with SPL, Python, REST APIs, and Git.
  • Experience developing Splunk dashboards, reports, and investigations.
  • Excellent written and verbal communication skills.
  • Preferred:
    • Splunk Enterprise Security certifications
    • Splunk SOAR (Phantom)
    • Detection-as-Code
    • Sigma and YARA
    • CrowdStrike or Microsoft Defender for Endpoint
    • ServiceNow Incident Response
    • Knowledge of FISMA, NIST RMF, FedRAMP, and CMMC
  • Must pass pre-employment qualifications of Cherokee Federal.

Similar Searchable Job Titles

  • Senior Detection Engineer
  • Splunk Detection Engineer
  • Splunk Enterprise Security Engineer
  • Cyber Detection Engineer
  • Security Operations Engineer
  • SIEM Engineer
  • Threat Detection Engineer
  • SOC Detection Engineer
  • Cybersecurity Engineer
  • Security Analytics Engineer

Keywords

  • Splunk Enterprise Security
  • Splunk ES
  • Detection Engineering
  • Risk-Based Alerting
  • RBA
  • SIEM
  • MITRE ATT&CK
  • Incident Response
  • Threat Hunting
  • AWS Security
  • GuardDuty
  • CloudTrail
  • Security Hub
  • Python
  • SPL
  • SOAR
  • Phantom
  • ServiceNow
  • Sigma
  • YARA
  • CrowdStrike
  • Microsoft Defender
  • FedRAMP
  • NIST RMF
  • FISMA
  • CMMC
  • Public Trust

About Cherokee Nation Businesses

Cherokee Nation Businesses is a diversified holding company that manages a range of businesses and investments in various sectors, including gaming, hospitality, aerospace, real estate, technology, healthcare, natural resources, and more. The company is owned by the Cherokee Nation, the largest Native American tribe in the United States. Cherokee Nation Businesses is committed to creating economic opportunities and improving the quality of life for Cherokee citizens and the surrounding communities.
Size
7,000 employees