Posted 6d ago

Principal Splunk-Threat Detection & Integrati

@ Quzara
United States
Remote, Full Time
Responsibilities: Lead onboarding, Configure security, Onboard data
Requirements Summary: Experience onboarding customers into SIEM/XDR/MDR platforms; hands-on with Microsoft Defender XDR and Purview; FedRAMP/FISMA/CMMC experience; data integration; customer-facing documentation.
Technical Tools Mentioned: Microsoft Defender XDR, Microsoft Purview, Microsoft Sentinel, Azure, KQL, Azure Logic Apps, Power Automate, SIEM, Splunk, QRadar, Elastic, Chronicle, CrowdStrike, SentinelOne, AWS CloudTrail, GuardDuty, Syslog, Logstash, Fluentd
Job Description

Job Title: Principal Splunk-Threat Detection & Integration Engineer 

Pay Type: SALARIED EXEMPT 

Location: Remote

Summary of Position Role/Responsibilities

We are seeking a Customer Onboarding Engineer to lead the secure and compliant onboarding of customers into our cybersecurity platform. This role is responsible for working directly with customers—primarily in U.S. federal and highly regulated environments—to integrate data sources, configure security tooling, and ensure successful deployment aligned with compliance requirements. This position is hands-on, customer-facing, and requires strong experience with Microsoft and Azure security services, along with familiarity across other SIEM, EDR, and cloud platforms.

Essential Functions of the Job

  • Lead end-to-end customer onboarding into SIEM/XDR/MDR platforms, ensuring timely and successful delivery
  • Configure and validate Microsoft security services, including Defender XDR and Purview
  • Onboard and integrate data sources (identity, endpoint, cloud, SaaS, network logs) into security platforms
  • Build and maintain automation workflows using Azure Logic Apps, Power Automate, or similar SOAR tools
  • Work closely with customers to gather requirements, validate configurations, and support go-live readiness
  • Create and maintain customer-facing documentation, including:
    • As-Built documentation
    • Onboarding runbooks
    • Data source inventories
    • Status trackers
  • Support compliance and audit activities by preparing evidence and documentation (FedRAMP, FISMA, CMMC, etc.)
  • Collaborate cross-functionally with SOC, engineering, and compliance teams
  • Provide status updates and reporting to customers and internal stakeholders

Marginal Functions of the Job

  • Other duties as assigned

Normal Work Schedule

This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job.

Education, Training, and Experience

  • Experience onboarding customers into SIEM, XDR, MDR, or security operations platforms
  • Hands-on experience with Microsoft Defender XDR and/or Microsoft Purview
  • Experience working in U.S. federal or highly regulated environments (FedRAMP, FISMA, CMMC, etc.)
  • Strong understanding of log ingestion and data integration, including identity, endpoint, and cloud logs
  • Experience creating customer-facing technical documentation
  • Ability to work independently in a customer-facing delivery role
  • Strong communication and stakeholder management skills

Preferred Qualifications

  • Microsoft & Azure
    • Microsoft Defender suite (Endpoint, Identity, Office 365, Cloud)
    • Microsoft Purview (audit logging, compliance, data governance)
    • Microsoft Sentinel (data connectors, log onboarding, validation)
    • Azure AD / Entra ID, Azure Monitor, Log Analytics
    • Experience with KQL for log analysis and troubleshooting
    • Automation using Azure Logic Apps or Power Automate
  • Other Cloud & Security Tools 
    • SIEM platforms such as Splunk, QRadar, Elastic, Chronicle
    • EDR/XDR tools such as CrowdStrike, SentinelOne
    • AWS security services (e.g., CloudTrail, GuardDuty)
    • Log ingestion tools such as Syslog, Logstash, Fluentd

EEO Statement

The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.