What you’ll do
• Deploy and configure the Splunk platform (Splunk Enterprise) / Splunk Cloud.
• Demonstrate Splunk Core capabilities to prospective clients.
• Optimize Splunk platform architecture for large-scale and distributed deployments.
• Adopt best practices and development standards, and deploy them across the platform.
• Develop and fine-tune Splunk security monitoring rules, and write Splunk Alert Detection Strategy (ADS) templates.
• Develop and customize Splunk apps and dashboards, building advanced visualizations.
• Analyze and triage security alerts generated by the SOC tools, making informed decisions on the appropriate response.
• Respond to security incidents, taking appropriate actions to contain, mitigate, and remediate security threats.
• Collaborate with other members of the SOC team, as well as internal and external stakeholders, to resolve complex security incidents.
• Keep up to date with the latest cybersecurity threats, trends, and technologies to improve the efficiency and effectiveness of incident response.
• Document security incidents, responses, and related information in accordance with established procedures.
• Mentor and train lower-level SOC technicians on the use of the SOC tools and incident response best practices.
Any Graduate