Job Description

• Responsible for managing all the Splunk components in the environment.
• The primary responsibility involves support and infrastructure designs for Splunk.
• Good understanding on Logging levels, Log filtering and security logging requirements of each security platforms & application
• Collaborate with different verticals & teams to implement, integrate, configure and ingest log in to Splunk across different environments & Platform
• Writing rules/Use Case to implement detection & Integration of log sources with Splunk
• Managing Splunk components, Writing and fine-tuning Rules/use cases
• Implementing use cases and log management
• Work on various operating systems and platforms Like Linux, Unix and Windows OS
• Perform upgrades on the Splunk components include the managers, databases, connectors and various appliances
• Investigate technical issues related to Splunk Infrastructure operation
• Requires a deep understanding of hardware, networking, security and tools used to monitor, test and evaluate those technologies.
• Advanced knowledge with Unix/Linux platform OS.
• SIEM use case creation, Security alert creation upon security incident detection.
• Splunk administration experience (hardware/software/patching/upgrades) in clustered environment Multi-Cluster environment.
• Programming and development skills in at least some of the following: Splunk -SPL Search processing Language, Python, Perl, PowerShell, shell scripting, regular expressions.

• Knowledge on Automation & Integration Security Software (API, Ansible, VRO)
• Custom dashboard creation for advanced reporting.

• Excellent communication skills.
• Python, API, Ansible, VRO