Description:
• Manage enterprise SIEM systems, including upgrades.
• Proficient in Splunk On-Prem and Azure Sentinel.
• Skilled in scripting languages like JavaScript, Perl, Java, and Shell.
• Proficiency in Regex and Python.
• Configure and onboard new log sources into Splunk.
• Troubleshoot technical issues and devise solutions.
• Expertise in SPL queries, Reports & Dashboards.
• Design and optimize complex search queries and visualizations.
• Familiarity with Azure Sentinel administration and data connectors.
• Splunk certification preferred.
• Automate security tools management.
• Strong communication and teamwork skills.
• Comfortable in fast-paced environments and shift work.
• Analytical problem-solving abilities.
• Knowledge of security monitoring, incident response, and threat intelligence.
• Understanding of cyber security issues and remediation.
• Awareness of ethical hacking and penetration testing.
• TCP/IP networking skills for troubleshooting.
• Ability to work independently and follow escalation procedures.
• Interface with the client on quality aspects and expectations.
Primary Skills:
• SIEM
• Splunk Administration/Development.