Description

Key Responsibilities:

8+ years of technical experience with development of the Splunk Enterprise application specifically for SIEM capabilities.
Strong knowledge of Splunk Cloud/Enterprise Administration (certified, or an equivalent level of proficiency), with a minimum of 5 years of relevant experience.
Good knowledge of Splunk Data Models, Data Enrichment (via lookups), and Field Extractions
Understanding of the MITRE ATT&CK framework.
Familiar with the security tools and components of Azure, AWS, and GCP. General understanding of various cybersecurity frameworks.
Configure data inputs, onboard log sources, and validate ingestion processes. Splunk SPL query optimization.
Create automation scripts using Python, Bash, or PowerShell for operational efficiency.
Utilize Splunk REST APIs to integrate third-party tools or automate processes. Develop or configure Splunk apps and add-ons to extend platform capabilities. Good knowledge of Azure services, architecture, and best practices for securing cloud environments.
 

Education

Any Graduate