Senior SIEM Splunk Engineer (f/m/x)
RBI is fostering its Business for the next generation in Information & Cyber Security.
As a crucial part of the Group Raiffeisen Bank International Cyber Defense Center department, this function develops detection and prevention mechanisms to foster our digitalization journey and the business confidence of our customers.
In this position you will be a member of a group SOC Team. This includes designing, engineering and administering the RBI SIEM infrastructure. You will lead the development of Splunk visualizations, reports, alerts and Splunk applications. You will work together with data source owners to integrate data sources and support the requirements for building use cases.
Your mission:
- Administering Splunk environments and Splunk applications, including developing applications that provide insight into a business process
- Maintaining and optimizing a clustered Splunk deployment in a Kubernetes/EKS environment
- Recommend and execute improvements to the existing Splunk architecture and design with growth and scalability in mind to optimize performance, stability, reliability, and agility
- Communicating with customer stakeholders, including leadership, support teams, and system administrators
- Assist in defining Operational Security related processes and procedures responsible for implementing processes, providing support to the 24x7
- Support the onboarding process for new infrastructure and business applications within the whole RBI group
Core competencies:
- Solid Experience in a Splunk clustered environment with SIEM Background – Splunk Enterprise Security
- Strong understanding of onboarding new data sources in Splunk Enterprise, analyzing the data for anomalies/trends, and building dashboards for key trends
- Solid understanding of network transport protocols and services (TCP/IP, syslog, DNS, ODBC, SFTP, SSH, PKI, etc.)
- Professional experience with both Windows and Linux/Unix operating systems
- Practical experience with cloud concepts using either AWS or Azure
- Strong understanding of DevSecOps concepts, full lifecycle development for systems/applications
- Experience automating workflows with Splunk Phantom
Nice to have:
- Knowledge of Azure Sentinel SIEM Solution
- We value candidates with certifications like Splunk Certified Admin and Splunk Certified Architect
- German knowledge is appreciated
- Experience in a large international banking environment is an asset
What’s in it for you:
- Work-Life-Balance: Flexible hours, work-from-home options from Austria, and 30 days/year remote work from any EU country.
- Global community: 75+ nationalities, English as the company language, and work permit support. Our teams thrive on collaboration and mutual respect.
- Career growth: We believe in continuous learning and proactive career development. Take on challenging work that stretches your abilities, attend trainings, and use new technologies to make a lasting impact.
- Stay healthy: Subsidized canteen, well-being programs, check-ups, and sport allowances.
- Save money: Discounts, exclusive banking terms, and a free public transport pass.
- Family support: Child allowances, gender-neutral parental leave, bilingual company kindergarten, and holiday childcare.
- Competitive salary: Starting at EUR 60.000, gross p.a. excluding overtime, with market-compliant overpayment based on experience and qualifications. We are happy to discuss your actual salary in person.
If you have questions regarding our application process, feel free to check out our FAQ or our page for international applicants.
Your contact: Martin Trnka
Your benefits at a glance:
Join a team that values your well-being and professional development, offering a variety of benefits to support your success.
