Responsibilities
Design, configure, and manage Splunk and Splunk Enterprise Security (ES) to meet cyber security requirements
Develop and maintain Splunk dashboards, reports, alerts, and analytics to identify and respond to security threats
Conduct data analysis and investigation using Splunk to detect and mitigate security incidents
Collaborate with cross-functional teams to ensure effective integration and use of Splunk in security operations
Monitor and assess security risks and vulnerabilities to provide recommendations for improvement
Stay up-to-date with the latest cyber security trends and best practices
Requirements
5+ years experience in information technology.
2+ years experience in information security.
Experience in managing, engineering, or developing content for centralized logging solutions (Splunk Enterprise, ArcSight, ELK, etc.).
1+ years SIEM (Splunk Enterprise Security) content development experience.
Familiarity with a broad range of security technologies and how they function, as well as non-security devices and how their log outputs can indicate security incidents.
1+ years in log review, analysis, and design of searches / alerts to bring actionable intelligence from logs.
Understanding of Splunk engineering is a plus.
Excel or other data processing & visualization skills.
Basic understanding of one or more of the following: Shell scripting, Perl, or other scripting.
1+ years of SOAR development experience (XSOAR, Chronicle, Splunk SOAR, etc.).
Any graduate