Splunk Admin | 4 to 6 years | Bengaluru & Mumbai

Job Description
  • The Splunk Admin should provide technical security expertise to ensure that the Security Operations Centre (SOC) is always delivering a professional service to its customers.
  • Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation, and develop use cases and rules for implementation in the SIEM platform.
  • Support and supervise analysts and ensure knowledge transfer within the team. Deliver qualified information about actual threats and indications, with recommendations on how the associated risk can be mitigated.
  • Contribute to the overall performance and success of the Security Operations Centre. Build on and continuously improve the SOC analytics framework.
  • Ensure effective operation of SIEM content, filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC. Mentor and guide the First Level Security Analysts.
  • Provide professional data analysis within the SOC processes and to SOC customers in order to drive further security measures and risk mitigation activities.
  • Should be open to 24×7 operations support.
Primary Skills
  • Splunk: designing and maintaining production-quality dashboards.
  • Must have experience in Splunk administration.
Secondary Skills
  • Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms.
  • Troubleshoot Splunk server and agent problems and issues.

Ref: 447087
Posted on: May 19, 2020
Experience level: Experienced
Contract type: Permanent
Location: Bangalore
Business units: Cloud Infrastructure Services
Department: Cyber Security