Job Description

MatchPoint Solutions is a fast-growing, young, energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber, Robinhood, Netflix, Airbnb, Google, Sephora, and more! More recently, we have expanded to working internationally in Canada, China, Ireland, UK, Brazil, and India. Through our culture of innovation, we inspire, build, and deliver business results, from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.

We are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!

MUST HAVE SECRET CLEARANCE

Splunk UBA Engineer

8 Weeks

Doral, FL - Onsite

Pay rate: $80 - $100/hr on W2

We are seeking an experienced and analytical Splunk UBA Engineer to implement, optimize, and maintain our User Behavior Analytics (UBA) platform. In this role, you will use behavioral modeling and machine learning capabilities in Splunk UBA to identify insider threats, compromised accounts, data exfiltration, and other advanced attack techniques. You will work closely with SOC analysts, engineers, and data owners to turn user activity data into actionable intelligence and risk-based threat detections.

Key Responsibilities Deploy, configure, and maintain the Splunk UBA platform, including data ingestion, normalization, and threat model tuning.

Deploy UBA cluster designing the build

Ingest and map logs from various sources (e.g., Active Directory, VPN, firewalls, proxy, endpoint, etc.) into UBA.

Develop and refine behavioral baselines and anomaly detection models to identify suspicious or malicious activity.

Tune and customize threat models to align with organizational risks and reduce false positives.

Collaborate with the SOC and threat detection teams to operationalize UBA detectionsthrough risk scoring, notable events, and incident response workflows.

Build and maintain dashboards, entity timelines, and investigative tools within UBA to support threat hunting and investigations.

Integrate UBA output with Splunk Enterprise Security (ES) or SOAR platforms for automated response and triage.

Continuously evaluate new data sources, use cases, and detection strategies to enhance UBA capabilities.

Document procedures, configurations, and threat model customizations.

Qualifications

Required: 2 4 years of experience in security engineering, threat detection, or security analytics.

Hands-on experience with Splunk UBA and a strong understanding of behavior-based threat detection.

Proficiency in log analysis and understanding of common data sources (AD, EDR, firewalls, VPN, etc.).

Knowledge of machine learning basics, anomaly detection, and risk-based scoring concepts.

Strong grasp of attack vectors such as lateral movement, privilege escalation, and insider threats.

Ability to write clear documentation and communicate findings effectively. Preferred:

Experience with Splunk Enterprise Security (ES) and/or SOAR integrations.

Familiarity with MITRE ATT&CK and threat detection frameworks.

Background in scripting (Python, PowerShell) and API-based data integrations.

Splunk certifications such as Splunk Core Certified Power User or Splunk UBA Certified Admin.

MatchPoint Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Job Tags

Similar Jobs