Senior Security Engineer – Splunk - Toronto - Astra North Infoteck Inc.

    Astra North Infoteck Inc. Toronto

    16 hours ago

    Description

    Job Description:
    Senior Security Engineer – Splunk & Cloud (8–10 Years)

    Skills:
    Digital: Microsoft Azure | Digital: Splunk
    Essential Skills:
    Splunk ITSI & UBA | Virtualization & Cloud (Azure, Google, AWS) | Microsoft Security Solutions (Sentinel, etc.)

    Role Overview

    The Senior Security Engineer will provide expert, hands‑on engineering leadership for Splunk platform design, data onboarding, automation, and SIEM modernization.

    This role requires deep subject‑matter expertise across Splunk Enterprise, Microsoft Sentinel, cloud-based security architectures, and advanced monitoring technologies.

    The ideal candidate will have proven experience architecting and delivering large-scale security engineering solutions, collaborating with cross-functional teams, and ensuring that platforms meet enterprise standards for security, performance, and operational resilience—particularly in complex financial institution environments.

    Key Responsibilities
    Splunk & SIEM Engineering

    Lead hands-on engineering, configuration, build, and support of the Enterprise Splunk suite, including core Splunk, ITSI, UBA, and CRIBL.
    Deliver robust solutions for data onboarding, parsing, normalization, indexing, and alerting.
    Ensure dashboards, KPIs, and alerts are aligned with business and security requirements.
    Maintain and enhance CIM compliance across all data sources and use cases.

    Security Architecture & Cloud

    Architect and engineer security solutions spanning Azure, Google Cloud, and AWS.
    Integrate cloud-native and hybrid security capabilities into SIEM workflows.
    Apply modern security practices to highly virtualized environments.

    Microsoft Security Solutions

    Implement and support Microsoft Sentinel and related Microsoft security technologies.
    Align detection logic, response workflows, and event ingestion to enterprise standards.

    Engineering Leadership & Collaboration

    Lead teams in delivering high‑quality engineering outcomes and drive solution roadmaps.
    Work with senior leadership to shape strategy, modernize platforms, and improve processes.
    Collaborate across security teams, business units, and enterprise engineering functions to deliver platforms that provide measurable business value.

    Technical Integration & Data Analysis

    Onboard diverse data sources including APIs, databases, and Splunkbase apps.
    Ensure accurate handling of Windows, RHEL/Unix, network, and server log formats.
    Utilize Python for automation, data transformation, and engineering optimization.
    Identify and resolve gaps or inconsistencies in data flows and event ingestion pipelines.

    Compliance, Documentation & Operational Excellence

    Prepare and maintain architecture diagrams, build documents, SOPs, and knowledge artifacts.
    Ensure engineering solutions align with financial institution security controls, processes, and audit standards.
    Support production environments, troubleshoot issues, and optimize SIEM performance.

    Technical Requirements
    Required Expertise


    Advanced experience with:
    Splunk Enterprise Administration
    CIM compliance
    Splunk ITSI & UBA (highly preferred)
    CRIBL (asset)


    Strong understanding of:
    Azure Cloud and cloud security architecture
    Microsoft Sentinel & other Microsoft security platforms
    Windows and Linux/RHEL log formats
    Network and server logs

    Proficient Python scripting for automation.
    Experience integrating high-volume data sources across APIs, DBs, and Splunkbase add‑ons.
    Prior experience within a banking or financial services technical environment is preferred.

    Good to Have

    Advanced dashboard engineering and alert optimization skills.
    Experience with virtualization and cloud monitoring toolsets.
    Strong understanding of ITS and advanced observability frameworks.

    Experience Required
    8–10 years of experience in Security Engineering with strong specialization in Splunk, SIEM, and cloud security platforms.
