Job Description

Company Profile

Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.

We are seeking a skilled and detail-oriented SIEM Specialist Developer in Splunk to manage and maintain security use-cases and policies, configurations, and operational integrity within our Splunk SIEM environment. The ideal candidate will have a strong background in security operations, log management, and policy enforcement, ensuring that our SIEM platform supports effective threat detection, incident response, and compliance requirements

• Utilize Splunk SIEM to monitor, detect, and respond to security incidents.
• Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals.
• Administer and maintain Splunk SIEM policies, configurations, and access controls.
• Develop, implement, and manage correlation rules, alerts, and dashboards to support threat detection and response.
• Collaborate with SOC analysts, incident responders, and IT teams to fine-tune SIEM use cases and improve detection capabilities.
• Ensure compliance with internal security standards and external regulatory requirements PCI and NIST Process
• Monitor and optimize data ingestion pipelines, ensuring relevant logs are collected and parsed correctly.
• Perform regular audits of SIEM configurations, user roles, and data sources.
• Document policy changes, configurations, and procedures for operational transparency and continuity.
• Support onboarding of new data sources and integration with other security tools (e.g., EDR, vulnerability scanners, palo Alto, Azure and AWS).
• Assist in troubleshooting and resolving issues related to SIEM performance, data gaps, or false positives.
• Stay updated with the latest security threats, Splunk features, and best practices.
• Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations.
• Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats.
• Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities.
• Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.
• Flexible to Provide support to 24/7 L1 Monitoring shift members.

Qualifications

• Bachelor’s degree in computer science, Information Security, or related field.
• 7 - 10 years of experience in SIEM administration, preferably with Splunk.
• Strong understanding of security operations, log analysis, and incident response.
• Experience with Splunk SPL (Search Processing Language) and dashboard creation.
• Splunk Enterprise Security knowledge with finding and investigations knowledge.
• Familiarity with enterprise security policies, compliance frameworks, and risk management.
• Correlation Splunk Enterprise Security Use case implementation. Creation of Interactive dashboard.
• Automated Response Integration: Configuring Adaptive Response actions to automate initial containment steps or integrate with SOAR (Security Orchestration, Automation, and Response) tools.
• Knowledge of networking protocols, operating systems, and common attack vectors.
• Incident Response & Triaging the true positive events.
• Excellent analytical, problem-solving, and communication skills.
• Excellent communication and presentation skills.
• Commitment to continuous learning and professional development.
• Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.