Generally it is okay. As alot of Org use Splunk as a SIEM. Understand the concept and fundamental. As SIEM is almost the same - as in the Correlate or use case mechanism. some org might move away from Splunk in the future, yes and no. As the market of SIEM is pretty competitive. But i would say.. most or.. all SOC require a SIEM. it is just which one? As different SIEM is be selected depending on the threat eco landscape or the security products the company select.

Good luck

Depends whether inhouse or vendor, SIEM is a good way to get into security engineering as you will understand more on devices when you do log source onboarding and logs digestion.

Thanks for your reply. In your opinion, is inhouse or vendor better?

Thanks for your reply. I agree on your point about understanding the concept and fundamental. Even if companies move away from Splunk in the future, the knowledge on logs correlation/use case will still be valuable.

Depends what your goal? Inhouse will be admin, vendor wise will be engineer mostly. I know E***** hiring vigorously for their splunk team, please dont tell me you're going there...

If you are looking at SIEM, now they normally will integrate with SOAR. (Partnership / acquired by the bigger companies (SIEM))
Like Splunk is working with Phantom
Palo Altos works well with Demisto (Cortex)
Qradar with Resilient.
Though most SOAR would be able to work with most SIEM but somehow they do have a preferred one to a certain extend.
If you could - pick up SOAR piece as well. so that you could be more complete.

Anything wrong to join "E N S I G N" ?

hahaha what's wrong with E*****? Heard from people in the industry it's one of the better one among the SI leh...

Externally very glamorous and well but internally not very structured and reorg every other year so far since conception 2019. Staff retention is bad, and recently hiring alot non it staff to train while more experienced ones left.

Pb/vb slightly higher than other SI, pay and increment is worse than the other SI unless you from their "royal" family.

More of vendor management instead of hands on for engineers.

Have been through a few SI, definitely wont be going back to ensign ever again...

This company renamed from eCop to Quann to Ensign. As per the idiom, change soup but never change herbs, the foul odor still remains.