Job Duties:
- Gather business requirements and implement appropriate strategies for alerts and monitoring in Splunk.
- On-board new data sources into Splunk, analyse the data for anomalies and build dashboards highlighting the key trends of the data.
- Create data inputs in Splunk DB Connect to pull data from Salesforce objects and ingest it into Splunk.
- Develop log ingestion and aggregation strategies. Configure the heavy forwarder to send the logs to Splunk indexers, customize the reports, scheduled searches and dashboards, and create data models if required.
- Create data retention policies and perform index administration, maintenance, optimization and manage Splunk user accounts (create, delete, modify, etc.).
- Create reports, alerts and dashboards as required by the different security and application teams, which can be used for monitoring.
- Perform data analysis of application logs and create reports as required by application teams.
- Work on ingesting AWS cloud infrastructure metrics into Splunk and create reports, alerts and dashboards based on those metrics.
- Work on enhancing existing dashboards to implement the latest changes required by the monitoring and application teams.
- Assist in responding to detected cybersecurity events with the appropriate actions as needed, and analyse IT specifications to assess security risks.
- Create alerts and trigger actions (send email, run script) to respective teams for further investigation.
- Standardize Splunk forwarder deployment, configuration, and maintenance on all Windows and Linux platforms.
- Implement appropriate safeguards to ensure delivery of critical infrastructure services.
- Perform the appropriate detection activities to identify the occurrence of a cybersecurity event, which is any incident that has the potential to compromise the Information Technology Security infrastructure, including incidents such as malware installation, hacked accounts, phishing attacks, data breaches, unauthorized server access, etc.
- Ensure support tickets (ServiceNow tickets) are fully updated with the most current data. Provide proper escalations and handoffs to management and support staff.
All the responsibilities mentioned above are in line with the professional background and require an absolute minimum of a bachelor's degree in computer science, computer information systems, Technology Management, or a combination of education and experience equating to the U.S. equivalent of a bachelor's degree in one of the aforementioned subjects.