Senior Security Consultant

Job Description – Senior Security Consultant (Splunk SIEM | SOAR | UEBA | Blue & Red Teaming)Location: APJC (India/Singapore/Australia/NZ) – Hybrid / RemoteRole Type: Full-Time – Security Consulting PracticeReports To: VP – APJC, Operational Intelligence & Cybersecurity 🔎 About PrudentPrudent is a global Splunk-certified partner with advanced expertise across Security, Observability, Operational Intelligence, and AI-driven analytics, operating across APJC, EMEA, and the Americas. We deliver large-scale SIEM, SOAR, UEBA, and Security Analytics programmes for telecom, BFSI, government, transport, healthcare, and enterprise clients. We are expanding our Cybersecurity & Threat Analytics Practice and are seeking a high-calibre Senior Security Consultant who is deeply knowledgeable, hands-on, and capable of acting as our internal security subject matter expert (SME) and customer-facing trusted advisor. 🎯 Role OverviewWe are looking for an exceptional, end-to-end Security Consultant with strong expertise in: • Splunk SIEM (Enterprise Security) • Splunk SOAR • Splunk UEBA / Risk-Based Alerting (RBA) • Threat Detection & Anomaly Detection • Vulnerability Management & Threat Intelligence • Identity Security & Access Analytics • Blue Teaming + Red Teaming methodologies This consultant will serve as our go-to security expert, responsible for designing, building, and optimizing security detection frameworks, incident workflows, threat models, and advanced analytics. You will work closely with customers, internal engineering teams, and leadership to deliver outcome-based cybersecurity solutions. 🛠 Key Responsibilities1. Splunk Security Stack – Architecture, Delivery & Optimisation • Architect, deploy, and optimize Splunk Enterprise Security (ES), SOAR, and UEBA solutions. • Build correlation searches, risk rules, risk notables, and dashboards aligned to MITRE ATT&CK. • Implement Risk-Based Alerting (RBA) with identity/data enrichment. • Configure playbooks, automations, workflows, and integrations for SOAR. • Develop security use cases based on customer environment, threat landscape, and compliance needs.2. Threat Detection & Incident Response • Build advanced detection for malware, lateral movement, insider threats, identity abuse, cloud misconfigurations, APT behaviours, phishing, and anomalous activity. • Perform triage automation, incident enrichment, and response orchestration using Splunk SOAR. • Improve detection rules, mapping to frameworks such as MITRE, NIST, CIS, and Zero Trust.3. Blue Teaming & Red Teaming Skills • Strong understanding of attack chains, adversary emulation, exploitation techniques, and lateral movement. • Assist in threat hunting, purple team exercises, and post-incident investigations. • Work with red teams to create detections for new TTPs across the kill chain.4. Security Architecture & Governance • Provide end-to-end security advisory across SIEM/SOAR/UEBA, identity, vulnerability, cloud security, and network security. • Work with clients to implement security governance models, KPIs, SLAs, and continuous improvement plans. • Conduct data onboarding, CIM alignment, data model acceleration, and log source hygiene reviews.5. Vulnerability, Threat Intelligence & Identity Analytics • Build content for vulnerability prioritisation, exploit insights, and exposure management. • Integrate threat intel feeds, STIX/TAXII, and other sources for detection enrichment. • Develop identity-based detections using Okta/Azure AD/IDP logs and behaviour patterns.6. Customer Leadership & Advisory • Act as the trusted advisor for all Splunk security topics. • Lead workshops, assessments, and roadmap sessions with CXO/security leadership. • Provide training, knowledge transfer, and capability uplift to customers and internal teams. 📌 Mandatory Skills & ExperienceSplunk Expertise (Must-Have) • 4–10+ years working with Splunk Enterprise Security, SOAR, and UEBA • Strong in SPL, correlation searches, data models, risk rules, and notable tuning • Hands-on experience with playbook development in SOAR (Python/YAML) • Deep knowledge of CIM alignment, index design, data onboarding, and ingestion hygieneCyber Security Expertise (Must-Have) • Strong understanding of network security, endpoint, logging, identity security, cloud security, vulnerability management • Blue Teaming (Detection Engineering, IR workflows, alert triage, threat hunting) • Red Teaming (attack simulation, APT TTPs, exploit knowledge, lateral movement) • MITRE ATT&CK, cyber kill chain, Zero Trust, NIST CSF • Strong knowledge of threat detection & anomaly detection frameworksTechnical BreadthExperience with at least 5 of the following preferred: • Endpoint: CrowdStrike, Carbon Black, Defender • Firewalls: Palo Alto, Cisco, Fortinet • Cloud Security: AWS/Azure/GCP logging & analytics • Threat Intel Platforms: MISP, Anomali • Identity: Okta, Azure AD, Ping • Vulnerability: Qualys, Tenable, Rapid7 • Other SIEM/SOAR platforms (QRadar, Sentinel, Arcsight, Exabeam) 💼 Soft Skills & Leadership • Excellent communication and consulting skills • Ability to run customer workshops independently • Strong problem-solving and analytical thinking • Ability to handle pressure and lead critical incident response • Experience working in high-stakes enterprise environments 🎓 QualificationsPreferred Certifications (not mandatory but desirable): • Splunk Enterprise Security Admin • Splunk SOAR Administrator / Consultant • Splunk Core + Power User • Splunk ITSI (good to have) • CEH, OSCP, GCIA, GCIH, GCFA, Security+, CISSP (bonus) 🌟 Why Join Prudent? • Work with elite global clients across telecom, BFSI, government, and large enterprises • Opportunity to lead next-gen security projects across APJC • Exposure to Splunk + Cisco security ecosystem • Fast career progression into Lead Security Architect / Practice Lead roles • Work with a global team of high-performing Splunk consultants