Senior Information Security Engineer - SIEM Database Activity Logging

Wells Fargo & Company | Minneapolis, MN
4d | $100,000 - $196,000 | Hybrid

About The Position

About this role: Wells Fargo is seeking a Senior Security Information & Event Management (SIEM) Engineer to design, implement, and operate database security monitoring and logging solutions at enterprise scale. This role focuses on IBM Guardium for database activity monitoring and Splunk for centralized log ingestion, correlation, and detection across a diverse database ecosystem including MongoDB, PostgreSQL‑based platforms, Neo4j, and other distributed data stores. Strong information security fundamentals and deep Splunk engineering experience are essential. Hybrid onsite work model.

Requirements

  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through work experience, training, military experience, or education
  • 2+ years of Splunk engineering experience, including search development and knowledge object management
  • 2+ years of database activity monitoring experience
  • 2+ years of experience designing and implementing Security Information & Event Management (SIEM) use cases from requirements to production

Nice To Haves

  • 2+ years of IBM Guardium
  • Splunk Enterprise Certified Administrator
  • CISSP, CCSP, or similar professional security certification
  • Cloud Professional certification
  • BA/BS or higher in Computer Science, MIS, or a related field
  • Database auditing or database administration experience
  • Experience with application security or security architecture
  • Scripting experience (e.g., Python, Splunk automation integration, or tooling integration)
  • Experience performing impact and risk analysis for complex enterprise systems
  • Strong verbal and written communication skills, including technical and business documentation
  • Ability to communicate effectively with both technical and non‑technical stakeholders
  • Proven analytical, troubleshooting, and problem‑solving skills
  • Ability to work independently while managing competing priorities

Responsibilities

  • Engineer and operate IBM Guardium for database activity monitoring and security telemetry
  • Design and manage direct‑to‑Splunk database logging pipelines across multiple platforms
  • Own and maintain hundreds to thousands of Splunk knowledge objects, including searches, macros, lookups, dashboards, and alerts
  • Develop and improve SIEM detection use cases aligned to threat models, risk scenarios, and regulatory requirements
  • Support security incident response, including log analysis, technical investigation, and post‑incident root cause analysis
  • Develop and maintain relationships with product vendors and other team stakeholders
  • Participate in on‑call rotation, deployment activities, and SDLC‑aligned change management
  • Partner with infrastructure, database, application, and security teams to improve the bank’s overall security posture
  • Provide security consulting and technical guidance for internal engineering teams on medium to large initiatives
  • Review, correlate, and analyze security logs to identify threats, anomalies, and control gaps
  • Identify security vulnerabilities, perform risk assessments, and recommend remediation strategies
  • Design, document, test, and maintain security solutions spanning telemetry, authentication, cloud, and data protection domains
  • Contribute to and maintain Jira and Confluence documentation
  • Mentor peers and contribute to a culture of continuous improvement and knowledge sharing
  • Manage hundreds to thousands of Splunk knowledge objects at scale
  • Build automated logging and telemetry processes using configuration, scripting, AI‑assisted tooling, and vendor integrations
  • Collaborate with domestic and international teams
  • Maintain high‑quality operational and technical documentation
  • Demonstrate a willingness to learn, teach, and continuously improve

Benefits

  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement