Security Engineer with Splunk (m / f / d) REMOTE

Security Engineer with Splunk (m / f / d) REMOTE

Join to apply for the Security Engineer with Splunk (m / f / d) REMOTE role at Syntax Iberia

Security Engineer with Splunk (m / f / d) REMOTE

2 days ago Be among the first 25 applicants

Join to apply for the Security Engineer with Splunk (m / f / d) REMOTE role at Syntax Iberia

Syntax is a leading Managed Cloud Provider for Mission Critical Enterprise Applications and has been providing comprehensive technology solutions to businesses of all sizes since 1972. Syntax has undisputed strength to implement and manage ERP deployments (Oracle, SAP) in a secure and resilient private, public or hybrid cloud. With strong technical and functional consulting services, and world-class monitoring and automation, Syntax serves some of North America’s largest corporations across a diverse range of industries. Syntax has offices worldwide, and partners with Oracle, SAP, AWS, Microsoft, IBM and other global technology leaders.

Position Summary :

We are seeking a Junior to Mid-Level Security Engineer with a specialization in Splunk SOAR to join our team. We are seeking a highly skilled and motivated Security Engineer with Splunk SOAR experience to lead the engineering, development, and optimization of our Splunk SOAR platform. This individual will serve as the technical subject matter expert responsible for integrating, automating, and orchestrating security operations processes to enhance our detection, response, and remediation capabilities. The ideal candidate has strong experience in security automation, Python scripting, and hands-on knowledge of security tools and APIs.

In this technical role, you will be an integral part of a globally distributed team responsible for managing and advancing our Splunk environment. The ideal candidate is proactive, organized, and detail-oriented, with a strong desire to learn and solve complex challenges independently and in a team. You will be the Splunk SOAR SME, as well as contributing to the overall success of the Splunk Enterprise / Enterprise Security deployment.

Primary Responsibilities :

• Serve as the primary SME for all aspects of Splunk SOAR, including design, implementation, maintenance, and troubleshooting.
• Develop and maintain SOAR playbooks to automate repetitive security operations tasks and incident response workflows.
• Integrate Splunk SOAR with various third-party security technologies (e.g., CrowdStrike, Cisco, Qualys, Cloudflare, ServiceNow).
• Collaborate with SOC, threat intel, and engineering teams to identify automation use cases.
• Maintain documentation for playbooks, integrations, and workflows.
• Ensure reliability, performance, and scalability of the SOAR platform.
• Lead troubleshooting and root cause analysis for failed playbook executions and integrations.
• Support operational teams during security incidents by improving playbooks and implementing real-time automations.
• Evaluate and implement best practices for data handling, enrichment, and alert triage within the SOAR framework.

Ideal Candidate Attributes :

• Attention to detail and a methodical approach to problem solving.
• Strong organizational skills and ability to manage multiple ongoing tasks.
• Eagerness to self-educate, research new technologies, and apply knowledge to real-world challenges.
• Comfortable working both independently and collaboratively in a global team.

Required Qualifications :

• Experience with Splunk SOAR (formerly Phantom) in an enterprise environment.
• Strong Python development experience (required for playbook and app development).
• Proven experience integrating SOAR with security tools using REST APIs, Python modules, or app connectors.
• Solid understanding of incident response workflows, security event triage, and automation best practices.
• Deep knowledge of common security tools and platforms (EDR, SIEM, IDS / IPS, vulnerability scanners, etc.).
• Experience with Splunk Core and Enterprise Security (basic familiarity at minimum).
• Strong analytical and troubleshooting skills.
• Excellent proficiency in English, both written and verbal.
• Self-starter with a strong sense of ownership and accountability.
• Ability to work effectively with minimal supervision.
• Project-oriented mindset with a consistent, organized work approach.

Preferred Qualifications :

• Experience with version control (Git), CI / CD for playbook deployments.
• Familiarity with JSON, XML, and structured data manipulation.
• Experience working in MSP / MSSP or multi-tenant environments.
• Experience with ITSM tools like ServiceNow .

Why Join Us?

• A collaborative and security-minded engineering team
• Opportunities for growth and technical advancement
• Support for certification and continuing education
• Clear paths for growth and advancement as you develop your skills and expertise.
• Flexible hours, Monday to Thursday 8h, and Fridays.... 6h. In addition, the whole month of August and the first half of September we have an intensive timetable. 28 days holiday (23 days holiday + 4 days at Christmas from 15 December to 15 January + 1 day for your birthday)!
• Windows laptop for work (Dell or Lenovo)!
• Apple or Android smartphone...you choose!
• Two lovely offices with a nice garden to relax and have a coffee
• Free coffee and soft drinks
• Medical insurance with Sanitas
• Training : Free AWS and SAP certifications, internal workshops and free access to Linkedin E-learning
• Free online English, German, Spanish or French classes through a platform

If you are passionate about technology, eager to learn, and ready to take on new challenges, we’d love to hear from you!

Seniority level

• Seniority level Associate

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Syntax Iberia by 2x

Get notified about new Security Engineer jobs in Spain .

Cloud Security Engineer (100% remote within Spain) Junior Cybersecurity Analyst - Remote (Spain or the UK based)

Madrid, Community of Madrid, Spain 2 weeks ago

Senior Cloud Security Engineer (100% remote, only Spain) Information Security Engineer - (Remote - Worldwide) Junior Security Operations Engineer (m / f / d) Senior Platform Security Engineer (100% remote-friendly within Spain)

Madrid, Community of Madrid, Spain 1 week ago

Madrid, Community of Madrid, Spain 2 months ago

Security Engineer - Identity & Access Management (IAM)

Madrid, Community of Madrid, Spain 1 month ago

Cybersecurity Engineer – Automotive Embedded Systems

Madrid, Community of Madrid, Spain 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

J-18808-Ljbffr