Date Opened: Aug 26, 2022
Location: IN
Company: Allstate Insurance Company
The Associate Principal Consultant for the Splunk cloud platform will be a key member of the Splunk platform administration team, focusing on the cloud Splunk platform and providing technical expertise to Allstate’s Global Security Fusion Center (GSFC). The candidate is responsible for engineering and maintaining log collection, aggregation and ingestion from cloud instances to the SIEM platform, which offers its services to the entire Allstate organization and its affiliates.
Job Responsibilities
Provide technical input for all design, implementation, and maintenance activities related to the SIEM apps and content.
Hands-on experience with deployment and maintenance of Splunk in AWS and/or Azure cloud
Experience in deployment of services using IaC (Infrastructure as Code)
Good working experience in Python and Ansible playbooks; knowledge of Terraform is an added advantage
Good understanding of the Splunk environment and experience in troubleshooting ingestion issues and data unavailability
Good understanding of implementing and working with SmartStore in AWS and the lifecycle policy
Create, optimize, and continuously evaluate security monitoring content on the SIEM platforms.
Design and create new detection techniques and improve existing ones.
Identify gaps in existing security capabilities and enhance them by working closely with the stakeholders.
Recommend and assist in technology evaluations and implementations.
Contribute to large security projects and initiatives working with all areas of Information Services, business units, and other partners.
Primary Skills
Proficient in Splunk Query Language (SPL)
Content Development in any major SIEM platform
Information Security background with experience in use case development in the SIEM platform
Working knowledge in Splunk Enterprise Security App
Experience
Strong Python Scripting experience is a must
Good to have Ansible coding experience
Having experience in Terraform is an advantage
Working knowledge in Splunk Enterprise Security App
Shift Timing
Shift B: 1:30pm to 10:00pm