Principal Technical Lead — Splunk User Behaviour Analytics (UBA)

This role leads Cognizant's Splunk UBA delivery within a flagship engagement with one of the world's foremost enterprise cybersecurity companies. You will hold one of the most senior technical positions in a specialist area with direct client and leadership visibility.

About The Role

We are looking for a Principal Technical Lead for Splunk UBA to own high-priority escalations, drive detection engineering excellence, and align behavioural analytics strategy with enterprise threat modelling frameworks. This role demands both technical mastery and the leadership presence to guide and elevate a specialised team.

What You Will Do

Lead resolution of high-priority UBA escalations with full end-to-end ownership
Provide hands-on technical support to Senior Engineers and Technical Leads
Analyse UBA logs, behavioural models, and data pipelines; deliver actionable insights and preventive recommendations
Oversee optimisation of user and entity behaviour models, risk scoring, and anomaly detection
Align detection strategies with MITRE ATT&CK and threat modelling frameworks
Drive improvements in UBA performance, scalability, and data ingestion efficiency
Assess impact of product updates on detection models, risk scoring, and system performance
Drive automation using Python/Shell scripting; support API integrations to improve operational efficiency
Mentor engineers and technical leads; conduct knowledge-sharing sessions and advanced training
Promote continuous improvement and innovation within the team

What You Bring

Deep expertise in threat modelling, detection engineering, and insider threat strategy
Experience with cloud platforms (AWS/Azure/GCP) and automation (Python/Shell)
Prior experience in a technical leadership or managerial role
Splunk Certified Admin