- SIEM (Splunk Enterprise Security) SME with experience in design, implementation, configuration, support, troubleshooting and L3 monitoring of the Splunk SIEM tool.
- Should have good experience in configuring, deploying and customizing the Splunk SIEM tool, and in integrating and troubleshooting log sources.
- Should be able to create custom queries, event parsers, searching and reporting capabilities, and custom dashboards with the SIEM tool.
- Experience in SOC operations
- Strong understanding of attack vectors from OWASP and WASC, and mitigation of the same.
- Advanced experience in managing Splunk SIEM projects involved with designing, architecting, implementing and operationalizing the solutions.
- Experience of the supporting policy, procedures and practices required to deliver and maintain an effective operational SIEM.
- Handling virus threat outbreaks and severity issues
- Experience in managing major security incidents
- Ability to lead a team, promote and foster collaboration, and be a strong leader in the face of a new and changing environment.
- Broad information cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups, hacker activities, etc.
- Significant experience in network intrusion detection, including experience using common network monitoring tools – IDS, IPS, SIEM, and Syslog
- Strong attention to detail along with sharp analytical skills to identify problems at the network, systems, and application layers.
- Ability to establish and maintain effective working relationships with customers, vendors, co-workers, employees and upper management.
- Strong experience with incident response
- Splunk SME