Job Board
LogoLogo
Application Tracker
Get Daily Notifications
New

Get Jobs Tailored to Your Resume

Filtr uses AI to scan 1000+ jobs and finds postings that perfectly matches your resume

Cisco Logo

Data Engineer, Incident response

Cisco

Salary not specified
Sep 26, 2025
Research Triangle Park, NC, US
Apply Now

Cisco's Security Visibility & Incident Command (SVIC) team needs to detect, respond to, and mitigate security incidents, improve compliance and security posture, and ensure Cisco meets its regulatory and contractual obligations for data loss notification by designing and optimizing data pipelines for actionable intelligence.

Requirements

  • 3–4 years of experience in Splunk administration (either on-prem or cloud).
  • Experience with Splunk SOAR (formerly Phantom), Search Head Clustering, and Indexer Clustering.
  • Ability to design, implement, and maintain data pipelines at scale in Splunk.
  • Familiarity with other SIEM platforms such as ELK or Exabeam.
  • Proficiency in Linux/UNIX administration for deploying and supporting data systems.
  • Experience working with cloud platforms – AWS strongly preferred, with exposure to Azure and GCP beneficial.
  • Experience automating operational tasks using scripting and orchestration tools.

Responsibilities

  • Designing, building, and maintaining scalable data pipelines for ingesting, transforming, and storing large volumes of data in Splunk.
  • Using Splunk Enterprise, SPL (Search Processing Language), and technical add-ons to perform advanced data transformations and enrichments.
  • Collaborating with partners to define requirements and ensure seamless integration of new data sources.
  • Ensuring compliance with data governance and security standards in all engineering work.
  • Implementing and monitoring data quality and validation processes for accuracy and reliability.
  • Solving Splunk ingestion pipeline issues and performance bottlenecks.
  • Working with security engineering teams to define and enforce logging standards.

Other

  • Must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee).
  • This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
  • Strong understanding of security operations and incident response workflows.
  • Ability to drive metrics and analytics for operational improvements.
  • Strong communication skills .