Splunk UBA Engineer Job at 3B Staffing LLC, Miami, FL

RFVpUUxwTTViNmxDS05hY3hyTTZEeGt1alE9PQ==
  • 3B Staffing LLC
  • Miami, FL

Job Description

MUST HAVE SECRET CLEARANCE


Location - 9301 NW 33rd St, Doral, FL 33172, USA


Job Description


Help Job DescriptionCut and paste the job description here.


6/23 - need candidate with more Architect level exp than Angel Romero.

5/5 - WWT owns this work. Onsite - 5 days/week. Will consider candidates who relo to the area. Checking on what specific program this ties into.

MUST HAVE SECRET CLEARANCE

Job Title: Splunk UBA Engineer

We are seeking an experienced and analytical Splunk UBA Engineer to implement, optimize, and maintain our User Behavior Analytics (UBA) platform. In this role, you will use behavioral modeling and machine learning capabilities in Splunk UBA to identify insider threats, compromised accounts, data exfiltration, and other advanced attack techniques. You will work closely with SOC analysts, engineers, and data owners to turn user activity data into actionable intelligence and risk-based threat detections.

Key Responsibilities • Deploy, configure, and maintain the Splunk UBA platform, including data ingestion, normalization, and threat model tuning.
• Deploy UBA cluster designing the build
• Ingest and map logs from various sources (e.g., Active Directory, VPN, firewalls, proxy, endpoint, etc.) into UBA.
• Develop and refine behavioral baselines and anomaly detection models to identify suspicious or malicious activity.
• Tune and customize threat models to align with organizational risks and reduce false positives.
• Collaborate with the SOC and threat detection teams to operationalize UBA detectionsthrough risk scoring, notable events, and incident response workflows.
• Build and maintain dashboards, entity timelines, and investigative tools within UBA to support threat hunting and investigations.
• Integrate UBA output with Splunk Enterprise Security (ES) or SOAR platforms for automated response and triage.
• Continuously evaluate new data sources, use cases, and detection strategies to enhance UBA capabilities.
• Document procedures, configurations, and threat model customizations.

Qualifications Required: • 2-4 years of experience in security engineering, threat detection, or security analytics.
• Hands-on experience with Splunk UBA and a strong understanding of behavior-based threat detection.
• Proficiency in log analysis and understanding of common data sources (AD, EDR, firewalls, VPN, etc.).
• Knowledge of machine learning basics, anomaly detection, and risk-based scoring concepts.
• Strong grasp of attack vectors such as lateral movement, privilege escalation, and insider threats.
• Ability to write clear documentation and communicate findings effectively. Preferred:
• Experience with Splunk Enterprise Security (ES) and/or SOAR integrations.
• Familiarity with MITRE ATT&CK and threat detection frameworks.
• Background in scripting (Python, PowerShell) and API-based data integrations.

Job Tags

Similar Jobs

CycleBar

Fitness Membership Sales Rep Cyclebar (Kildeer) Job at CycleBar

 ...Cyclebar Membership Sales Representative We are currently seeking high energy, passion filled, and sales motivated individuals who are fitness minded and have a love for community, and our brand! We are a fast-growing Indoor Cycling Franchise looking for individuals who... 

Sawall Development

Leasing Consultant - Luxury Apartments Job at Sawall Development

 ...clear-written communication. Assist with other assigned projects as needed. Company Description Sawall Development, located in Sussex, WI is a real estate development company that focuses on luxurious apartments/townhomes and condos. Company Description... 

Nachhilfeunterricht

Remote Work from home as an private online English Tutor - Part Time Job at Nachhilfeunterricht

 ...prior experience is required to apply for this position, only the completion of compulsory higher education. Whether you prefer working from home or at the students residence, youll have the opportunity to significantly contribute to their academic achievements. If you... 

Glens Falls Hospital

Physical Therapist (PT)- Inpatient Per Diem Job at Glens Falls Hospital

 ...The Impact You Can Make Come jumpstart or further your therapy career with a group of forward-thinking and supportive team...  ...and leisure activities. Team Impact As an outpatient physical therapist, you will work synergistically with a team of physical therapist... 

Affinius Capital

Finance Operations Intern - Investor Reporting & Real Estate Job at Affinius Capital

 ...Affinius Capital is offering a paid internship in San Antonio for the role of Fund Financial Operations Intern. You'll gain real-world experience working closely with the FFO team, gaining insights into investor reporting and various investment vehicles.The internship...