- SIEM (Splunk Enterprise Security) SME with experience in design, implementation, configuration, support and troubleshooting, and L3 monitoring of the Splunk SIEM tool.
- Should have good experience in configuring, deploying and customizing the Splunk SIEM tool, and in integrating and troubleshooting log sources.
- Should have the ability to create custom queries, event parsers, searching and reporting capabilities with the SIEM tool, and custom dashboards.
- Experience in SOC operations
- Strong understanding of attack vectors from OWASP and WASC, and of their mitigation.
- Experience in managing major security incidents
- Significant experience in network intrusion detection, including experience using common network monitoring tools – IDS, IPS, SIEM, and Syslog
- Strong experience with incident response
- Experience with bi-directionally integrating Splunk with a 3rd party ticketing system, such as ServiceNow or JIRA.
- Familiarity with configuring load-balancing on Splunk data forwarders
- Enterprise Security
- Incident Response