Splunk SIEM Engineer

Purpose of the role

To design, develop and improve software, utilising various engineering methodologies, that provides business, platform, and technology capabilities for our customers and colleagues. 

Accountabilities

• Development and delivery of high-quality software solutions by using industry aligned programming languages, frameworks, and tools. Ensuring that code is scalable, maintainable, and optimized for performance.
• Cross-functional collaboration with product managers, designers, and other engineers to define software requirements, devise solution strategies, and ensure seamless integration and alignment with business objectives.
• Collaboration with peers, participate in code reviews, and promote a culture of code quality and knowledge sharing.
• Stay informed of industry technology trends and innovations and actively contribute to the organization's technology communities to foster a culture of technical excellence and growth.
• Adherence to secure coding practices to mitigate vulnerabilities, protect sensitive data, and ensure secure software solutions.
• Implementation of effective unit testing practices to ensure proper code design, readability, and reliability.

Analyst Expectations

• To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• Requires in-depth technical knowledge and experience in their assigned area of expertise
• Thorough understanding of the underlying principles and concepts within the area of expertise
• They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
• OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team's operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join us a Splunk SIEM Engineer where you have to design, develop and improve software, utilizing various engineering methodologies, that provides business, platform, and technology capabilities for our customers and colleagues.

To be successful a Splunk SIEM Engineer, where you should have experience with:

• Minimum Qualification – bachelor's degree

• Multi-Platform SIEM Expertise: Proven experience with Splunk Enterprise Security, Microsoft Sentinel, and SIEM architecture including data models, correlation rules, and administrative functions.

• Security Operations: Strong analytical skills in threat detection, incident response, and security event analysis with experience in large enterprise environments (10,000+ endpoints).

• Data Pipeline Management: Hands-on experience with log ingestion, data routing, and transformation using tools like Cribl, plus understanding of data normalization and parsing.

• SOAR & Automation: Experience with Security Orchestration platforms, playbook development, and automated response workflows for incident management.

• Network Security Fundamentals: Working knowledge of network architectures, firewalls, proxies, and common attack vectors with troubleshooting expertise.

• Communication & Documentation: Excellent technical writing and communication skills to create runbooks, procedures, and translate complex security concepts for diverse audiences.

Some other highly valued skills may include:

• Cloud Security & Modern Infrastructure: Proficiency with AWS/Azure cloud security, containerized environments, and SaaS-based security solutions.

• Programming & Scripting: Advanced skills in Python, PowerShell, KQL, SPL, and SQL for automation, custom integrations, and advanced analytics development.

• Security Certifications: Professional certifications such as CISSP, GCIH, GCFA, Splunk Certified Architect, or Microsoft Sentinel Ninja.

• Extended Security Stack: Experience with EDR, UBA, CASB, CSPM, vulnerability assessment tools, and threat intelligence platforms.

• Infrastructure as Code: Experience with Chef, Ansible, Jenkins, GitLab CI/CD for automated security tool deployment and configuration management.

• Compliance & Governance: Knowledge of regulatory frameworks (SOX, PCI-DSS, GDPR) and hands-on incident response/forensics experience.

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills.

This role is based in Chennai.