ZipRecruiter

Log In

1

Overnight Splunk Security Engineer Jobs in Oregon

ECS

Senior Splunk Engineer

Portland, OR · On-site +1

$121K - $166K/yr

The Senior Splunk Engineer designs, implements, maintains, and optimizes Splunk capabilities that ... Security Analytics & Detection Support * Develop, maintain, and tune SPL searches, correlation ...

ECS

Security Engineer

Portland, OR · On-site

Coordinate with SOC analysts, Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements. Vulnerability, Risk ...

ECS

Splunk Architect Lead

Portland, OR · On-site

The ideal candidate combines deep Splunk architecture expertise, hands-on engineering experience, security operations knowledge, and leadership ability to guide engineers, analysts, stakeholders, and ...

ECS

Security Engineer

Portland, OR · On-site

... Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements. • Analyze vulnerability scan results ...

iHerb

OR · On-site

$114K - $156K/yr

About the Role We are looking for a hands-on Security Automation Engineer and builder who thrives ... Architect, build, and maintain Splunk Enterprise Security (ES) integrations, including onboarding ...

Tyto Athene, LLC

Cloud Security Engineer (AWS & GCP)

$110K - $140K/yr

Splunk Enterprise * Tenable Security Center/Nessus * Invicti/Acunetix * Appgate * Okta * GitLab ... Prior oncall, SRE, SOC, or incident response experience. * Relevant AWS or Google Cloud Platform ...

Valiant Solutions, LLC

Senior SIEM Engineer

$114K - $156K/yr

The Senior SIEM Engineer serves as the technical lead for the design, deployment, tuning, and ... Splunk Certified Architect, Splunk Enterprise Security Certified Admin, or Splunk Core Certified ...

Logistics Management Institute

DevSecOps Engineer

$101K - $170K/yr

Implement and monitor cloud security best practices, including Identity and Access Management (IAM ... Hands-on experience with monitoring and alerting tools like DataDog, Splunk, or CloudWatch Logs ...

Fragomen, Del Rey, Bernsen & Loewy, LLP

OR · On-site

As a Security Engineer focused on Incident Response, you will: * Lead and support end-to-end ... Experience using SIEM and security platforms such as: * Splunk, Microsoft Sentinel, QRadar ...

ECS

SOC Tier 2 Analyst

Portland, OR · On-site

... Engineer, Splunk Architect/Lead, Security Engineer, and SOC Technical Writer as appropriate. • Document investigation activities, evidence, decisions, response actions, and outcomes clearly and ...

ECS

SOC Tier 2 Analyst

Portland, OR · On-site

Provide operational requirements and validation feedback to SOC Analyst 3, SOC Threat Hunter, Senior Splunk Engineer, Splunk Architect/Lead, Security Engineer, and SOC Technical Writer as appropriate.

ECS

SOC Tier 3 Analyst

Portland, OR · On-site

$88K - $104K/yr

... Splunk engineering, security engineering, and program stakeholders. This role involves shift work schedule to support our 24/7 operation, including weekends and holidays. Candidates must be flexible ...

Tyto Athene, LLC

$104K - $142K/yr

The engineer will be responsible for maintaining, troubleshooting, and optimizing network boundary ... Familiarity with SIEM platforms (Splunk, ArcSight, Elastic) for log analysis and security ...

ECS

SIEM Infrastructure and Detection Engineer

Portland, OR · On-site +1

$151K/yr

The engineer works directly with security analysts, system owners, and DHS CDM teams to ensure ... Lead the design, deployment, and monitoring of enterprise SIEM platforms (e.g., Splunk, Elastic ...

ECS

SOC Tier 3 Analyst

Portland, OR · On-site

... Splunk engineering, security engineering, and SOC leadership during high-impact incidents. • Experience leading lessons-learned reviews, tabletop exercises, detection reviews, analyst enablement ...

ECS

SOC Tier 1 Analyst

Portland, OR · On-site

... Splunk engineering, or security engineering teams. • Participate in training, drills, tabletop exercises, and lessons-learned activities to improve monitoring and triage performance. • Stay ...

Cisco

Account Executive - Splunk Commercial

Portland, OR · On-site +1

$136K - $187K/yr

... Splunk, a Cisco company, is building a safer and more resilient digital world with an end-to-end ... management, DevOps, security, business applications, or analytics. Why Cisco? At Cisco, we're ...

next page

Showing results 1-20

All JobsSplunk Security Engineer JobsOvernight Splunk Security Engineer JobsOvernight Splunk Security Engineer Jobs in Oregon

Overnight Splunk Security Engineer information

What are the most commonly searched types of Splunk Security Engineer jobs in Oregon? The most popular types of Splunk Security Engineer jobs in Oregon are:
What cities in Oregon are hiring for Overnight Splunk Security Engineer jobs? Cities in Oregon with the most Overnight Splunk Security Engineer job openings:
Overnight Splunk Security Engineer jobs near you
Senior Splunk Engineer

Senior Splunk Engineer

ECS

Portland, OR • On-site, Remote

$121K - $166K/yr

Full-time

Posted 25 days ago

Job description

Everforth ECS is seeking a Senior Splunk Engineer to work in our Portland, OR office or Remotely.
The Senior Splunk Engineer designs, implements, maintains, and optimizes Splunk capabilities that support cybersecurity monitoring, investigation, reporting, and security operations. This role is responsible for Splunk platform engineering, data onboarding, search performance, dashboards, alerts, integrations, and technical support for SOC and cybersecurity stakeholders.
The ideal candidate has deep hands-on experience administering Splunk Enterprise, Splunk Enterprise Security, or Splunk Cloud environments; understands security data pipelines and SIEM operations; and can independently troubleshoot complex platform, data ingestion, parsing, indexing, search, and content issues while collaborating with analysts, engineers, and program leadership.
Key Responsibilities
Splunk Platform Engineering & Administration
  • Administer, configure, maintain, and optimize Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud, or distributed Splunk environments.
  • Support indexers, search heads, deployment servers, heavy forwarders, universal forwarders, apps, add-ons, knowledge objects, and role-based access controls.
  • Monitor platform health, availability, license utilization, data ingestion, storage, capacity, search concurrency, and overall performance.
  • Plan and execute upgrades, patches, configuration changes, backup and recovery activities, and platform maintenance in accordance with change management processes.

Data Onboarding & Integration
  • Onboard, normalize, validate, and maintain security, infrastructure, cloud, endpoint, network, application, identity, and operational data sources.
  • Configure and troubleshoot inputs, forwarders, sourcetypes, indexes, props.conf, transforms.conf, field extractions, lookups, event types, tags, and data routing.
  • Map data to the Splunk Common Information Model and support data model acceleration, normalization, and content readiness for security analytics.
  • Integrate Splunk with security tools, ticketing systems, SOAR platforms, vulnerability tools, EDR solutions, firewalls, IDS/IPS, cloud platforms, and identity systems.

Security Analytics & Detection Support
  • Develop, maintain, and tune SPL searches, correlation searches, alerts, dashboards, reports, notable event rules, and security monitoring use cases.
  • Partner with SOC analysts, threat hunters, threat intelligence analysts, and security engineers to translate detection requirements into reliable Splunk content.
  • Tune detections and searches to improve fidelity, reduce false positives, increase operational value, and support risk-based alerting or prioritization.
  • Support incident response and investigations by validating log availability, developing ad hoc searches, retrieving evidence, and assisting with event timelines.

Dashboarding, Reporting & Metrics
  • Design and maintain dashboards, reports, scorecards, and visualizations for SOC operations, platform health, data coverage, compliance, and leadership reporting.
  • Track and report key Splunk metrics such as ingestion volume, license consumption, search performance, alert volume, source coverage, and data quality.
  • Automate recurring reporting and improve visibility into monitoring coverage, data source gaps, content effectiveness, and operational trends.
  • Develop executive, operational, and technical views that communicate platform status and security monitoring performance clearly and accurately.

Troubleshooting, Optimization & Engineering Support
  • Diagnose and resolve complex Splunk issues involving ingestion delays, parsing problems, dropped data, search errors, slow dashboards, indexer performance, and app conflicts.
  • Optimize SPL, data models, summary indexes, scheduled searches, acceleration settings, storage usage, and search workloads for reliability and efficiency.
  • Support infrastructure planning, scaling, retention strategies, data lifecycle management, high availability, and disaster recovery considerations.
  • Collaborate with system administrators, network engineers, cloud teams, security engineers, and vendors to resolve technical dependencies and platform issues.

Documentation, Standards & Continuous Improvement
  • Develop and maintain architecture diagrams, onboarding procedures, configuration standards, runbooks, troubleshooting guides, and operational documentation.
  • Support governance of index naming, source type standards, app deployment, permissions, data retention, change control, and knowledge object management.
  • Evaluate new Splunk apps, add-ons, content packs, integrations, and platform capabilities to improve security monitoring and operational efficiency.
  • Mentor junior engineers and analysts on Splunk usage, search practices, data validation, dashboard development, and platform troubleshooting.

  • U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
  • 5+ years of experience in cybersecurity engineering, SIEM engineering, log management, infrastructure engineering, or security operations support.
  • 3+ years of hands-on Splunk administration, engineering, or implementation experience in enterprise or mission-critical environments.
  • Strong working knowledge of Splunk Enterprise, Splunk Enterprise Security, or Splunk Cloud administration, including indexes, forwarders, apps, add-ons, permissions, and distributed components.
  • Demonstrated experience with SPL, data onboarding, sourcetype configuration, field extraction, parsing, normalization, dashboards, reports, and alert development.
  • Experience troubleshooting ingestion, indexing, search performance, dashboard performance, licensing, and data quality issues.
  • Understanding of SOC operations, security monitoring, incident response, detection engineering, and common cybersecurity data sources.
  • Ability to document technical procedures clearly and communicate effectively with analysts, engineers, stakeholders, and leadership.

Apply