Splunk Engineer - SIEM (4-7 yrs)

Job Description :

- 4 years experience with Splunk SIEM tool.

- Understanding & experience in working with application programming/scripting languages (JavaScript, Perl, Java, Shell).

- Understanding of regular expressions (Regex) & Python programming.

- Experience with enterprise SIEM architecture, Administration, Upgrades etc.

- Familiar with Spunk cloud platform.

- Logging enrolments from multi-tier applications or custom applications into Splunk.

- Onboarding a new custom log source, performing parsing, transforms & validation.

- Troubleshoot technical issues to establish the root cause problems & form a solution.

- Renewing SSL certificates in Splunk Infrastructure.

- Implement and manage user authentication and authorization.

- Configure role-based access controls (RBAC).

- Ensure data security and compliance with organizational policies.

- Well versed in Splunk SPL queries, Reports & Dashboards.

- Proven ability to design & customize complex search queries, develop advanced visualizations & optimize their performance.

- Experience in working with Microsoft Sentinel administration, configuring various data connectors etc.

- Splunk certification is a must., (Splunk Core Certified Power User, Splunk Certified Admin are highly desirable)

- Develop automation for security tools management.

- Strong interpersonal and communication skills, ability to work in a team environment.

- Must be able to work in a fast-paced technical environment.