Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.
About the role
- Cybersecurity Engineer focusing on threat detection and engineering across various security platforms. Requires experience in Splunk, Snowflake, and compliance with regulations.
Responsibilities
- Design, develop, and maintain high-fidelity detections across Splunk, Snowflake, and related platforms
- Author SPL-based detections (Splunk) and SQL-based queries (Snowflake, MySQL, PostgreSQL, SQL Server)
- Design and optimize queries within Snowflake for detection logic and threat hunting
- Configure and maintain Snowpipe pipelines for real-time and batch ingestion of security-relevant data
- Partner with data engineering to ensure schema design and ingestion pipelines support scalable detection use cases
- Design and maintain integrations with Cribl/Databahn (or similar platforms) for log routing, transformation, and observability pipeline efficiency, telemetry enrichment, normalization, and cost-optimized data movement
- Provide administrative expertise for Splunk and Snowflake environments, ensuring resilience, scalability, and performance
- Map detections to the MITRE ATT&CK framework to ensure comprehensive threat coverage
- Use detection-as-code workflows for structured creation, testing, and deployment of detections
- Leverage Anvilogic content packs and extend/customize them for organization-specific threats
- Orchestrate multi-platform detection deployment across Splunk, Snowflake, and other SIEM/data lake platforms
- Apply coverage analytics within Anvilogic to identify detection gaps and validate against MITRE ATT&CK
- Manage the full lifecycle of detections including creation, validation, deployment, tuning, and retirement within Anvilogic
- Collaborate with SOC and IR teams to streamline workflows and reduce false positives using Anvilogic-driven integration
- Engineer detection solutions with compliance in mind (e.g., PCI-DSS, HIPAA, SOX, GLBA)
- Partner with SOC, IR, Threat Intel, Red/Purple, Continuous Security Validation, and Data Engineering teams to validate detections, minimize false positives, and strengthen visibility
Requirements
- Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience
- In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
- Previous experience in planning and managing IT projects
- 3+ years of experience in detection engineering, threat engineering, or a related security role
- Expertise in Splunk SPL and detection development
- Proficiency with SQL (MySQL, PostgreSQL, SQL Server)
- Hands-on experience with Snowflake, including: Authoring SQL-based detections and threat hunts
- Designing and managing Snowpipe pipelines for security data ingestion
- Proven Splunk and Snowflake administration experience
- Demonstrated ability to align detections to the MITRE ATT&CK framework
- Experience operating in highly regulated industries
- Relevant certifications: Splunk Certified Architect, SnowPro Core/Advanced, GIAC (GCDA, GCED, etc.)
- Experience with No-Code/Low-Code Security Detection Engineering tools
- Hands-on experience with Anvilogic (detection-as-code, orchestration, coverage analytics, lifecycle management)
- Hands-on experience with Cribl/Databahn or similar for log routing, enrichment, and observability pipelines cost-optimized telemetry and data engineering integration
- Python development experience
- Banking or financial services experience
- Docker, Kubernetes, containerization pipeline, and deployment experience
- Other security certifications (e.g. GSEC, GCED, GPPA, etc.)
Benefits
- Medical
- Dental
- Vision
- Life insurance
- Disability
- Accidental death and dismemberment
- Tax-preferred savings accounts
- 401k plan
- 10 days of vacation
- 10 sick days
- Paid holidays
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsiblities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud - native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Experienced Information Security Officer at Daikin responsible for defining Information Security strategy and ensuring compliance with regulatory frameworks. Collaborating with external specialists and mentoring junior team members in EMEA.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.
Information System Security Officer ensuring security controls and risk mitigation in Aerospace. Collaborating with teams to assess threat landscapes and guide clients with actionable plans.