Principal Technical Lead — Splunk User Behaviour Analytics (UBA)

This role leads Cognizant's Splunk UBA delivery within a flagship engagement with one of the world's foremost enterprise cybersecurity companies. You will hold one of the most senior technical positions in a specialist area with direct client and leadership visibility.

About the Role

We are looking for a Principal Technical Lead for Splunk UBA to own high-priority escalations, drive detection engineering excellence, and align behavioural analytics strategy with enterprise threat modelling frameworks. This role demands both technical mastery and the leadership presence to guide and elevate a specialised team.

What You Will Do

• Lead resolution of high-priority UBA escalations with full end-to-end ownership
• Provide hands-on technical support to Senior Engineers and Technical Leads
• Analyse UBA logs, behavioural models, and data pipelines; deliver actionable insights and preventive recommendations
• Oversee optimisation of user and entity behaviour models, risk scoring, and anomaly detection
• Align detection strategies with MITRE ATT&CK and threat modelling frameworks
• Drive improvements in UBA performance, scalability, and data ingestion efficiency
• Assess impact of product updates on detection models, risk scoring, and system performance
• Drive automation using Python/Shell scripting; support API integrations to improve operational efficiency
• Mentor engineers and technical leads; conduct knowledge-sharing sessions and advanced training
• Promote continuous improvement and innovation within the team

What You Bring

• Deep expertise in threat modelling, detection engineering, and insider threat strategy
• Experience with cloud platforms (AWS/Azure/GCP) and automation (Python/Shell)
• Prior experience in a technical leadership or managerial role
• Splunk Certified Admin