Our partner, an international financial services company, is currently seeking a Senior Splunk Administrator.
.
What You Will Do
- Work directly with Infrastructure and Application teams to align security and event applications with predetermined SOC use cases that provide the intelligence necessary for investigations.
- Work within the Security Strategy to onboard the identified number of applications across all Business Units (BU), and provide direction and guidance to the Business when streaming events into the SIEM.
- Assist in managing time resources and commitments with your customers to ensure onboarding activities are completed on time and in scope.
Qualifications:
- Splunk Core experiences with Deployment Server configuration experience
- Splunk Core experience with Infrastructure support knowledge (Indexers, Search Heads)
- HTTP Event Collector (HEC) experience for streaming to endpoints
- SPL Query Language experience
- AWS lambda, S3 format experience, Azure Cloud blob format experience for SaaS ingestion
- Unix / Linux OS experience, Next Gen Firewall experience, Endpoint Threat Detection experience
- Experience with proper source typing
- Familiarity with Syslog technology
- RegEx and stream parsing experience
- Bachelors degree or equivalent training, education, and work experience
- 5 years of Splunk SIEM (Core, ES, etc) experience
Preferred:
- Splunk Infrastructure deployment methodology
- Experience with using SIEM in a Global organization and having awareness of GDPR and other compliance regulations
- Splunk Heavy Forwarder experience
- Splunk Enterprise Security experience
- Splunk Universal Forwarder management
- Splunk Deployment / Cluster management
- SNOW, Confluence, Jira experience
What we offer:
- Competitive salary
- Comprehensive health package
- Cafeteria
- Brand new office at an excellent location
- Hybrid working
- Opportunities for growth and advancement
- A highly people-centric, positive, and supportive work environment