Lennox International

Specialist - Splunk Content Developer

Job Locations: IN-Chennai
Requisition #: 2025-49940
Category: Information Technology
Shift / Hours: Third Shift

Company Profile

Lennox (NYSE: LII). Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.

Job Description

We are seeking a skilled and detail-oriented Splunk SIEM Policy Administrator to manage and maintain security policies, configurations, and operational integrity within our Splunk SIEM environment. The ideal candidate will have a strong background in security operations, log management, and policy enforcement, ensuring that our SIEM platform supports effective threat detection, incident response, and compliance requirements.

  • Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. 
  • Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. 
  • Administer and maintain Splunk SIEM policies, configurations, and access controls. 
  • Develop, implement, and manage correlation rules, alerts, and dashboards to support threat detection and response. 
  • Collaborate with SOC analysts, incident responders, and IT teams to fine-tune SIEM use cases and improve detection capabilities. 
  • Ensure compliance with internal security standards and external regulatory requirements (e.g., ISO 27001, GDPR, HIPAA). 
  • Monitor and optimize data ingestion pipelines, ensuring relevant logs are collected and parsed correctly. 
  • Perform regular audits of SIEM configurations, user roles, and data sources. 
  • Document policy changes, configurations, and procedures for operational transparency and continuity. 
  • Support onboarding of new data sources and integration with other security tools (e.g., EDR, vulnerability scanners). 
  • Assist in troubleshooting and resolving issues related to SIEM performance, data gaps, or false positives. 
  • Stay updated with the latest security threats, Splunk features, and best practices. 
  • Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. 
  • Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. 
  • Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. 
  • Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution. 
  • Be flexible to provide support to 24/7 L1 monitoring shift members.

Qualifications

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 4+ years of experience in SIEM administration, preferably with Splunk. 
  • Strong understanding of security operations, log analysis, and incident response. 
  • Experience with Splunk SPL (Search Processing Language) and dashboard creation. 
  • Familiarity with enterprise security policies, compliance frameworks, and risk management. 
  • Correlation use case implementation.
  • Creation of interactive dashboards.
  • Knowledge of networking protocols, operating systems, and common attack vectors. 
  • Incident response and triaging of true positive events.
  • Excellent analytical, problem-solving, and communication skills. 
  • Excellent communication and presentation skills. 
  • Commitment to continuous learning and professional development. 
  • Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM. 
