Vacancy expired!
- Experience administering access controls in Splunk (role-based privileges and capabilities) using LDAP and RADIUS authentication
- Work closely with Linux and Windows server administration teams to diagnose and resolve configuration issues
- Be well versed in Splunk technology and best-practice implementation, with working knowledge of the variety of architectural variations of the Splunk product.
- Experience with Splunk deployment in the cloud AWS, Azure & Oracle Cloud
- Hands on experience with Enterprise Applications
- Hands on experience with Security Tools such as IDS/IPS, AV, Endpoint management
- Hands on experience with virtualization technology such as VMware
- Scripting/Programming experience with Python, Perl, PowerShell or Bash
- Security Information Event Management (SIEM)
- Experience working in a large corporate enterprise environment
- 5+ years of experience with deep technical expertise and strong leadership supporting enterprise level SIEM technology and logging frameworks
- 2+ years of experience deploying and operating Splunk Enterprise Security (ES)
- Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same
- Ability to develop, document and maintain security policies, processes, procedures, and standards.
- Determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management systems, anti-malware solutions, automated policy compliance tools and desktop security tools
- Splunk administrator/developer skill set
- Extensive experience in deploying, configuring, upgrading and administering Splunk clusters at an enterprise level.
- 6+ years' experience: MS Windows NT/2000
- 2-4 years' experience: Linux, Red Hat Linux, Unix Shell Scripting, Win Server 2016/2019/2012/2008/2003, Windows 10, Windows 7, Python Scripting, Regular Expressions (Regex)
- 1-2 years' experience: Structured Query Language (SQL)
- Configure and maintain heterogeneous Splunk environments, with in-depth knowledge of analysing logs generated by various systems, including security products, LDAP directories, application servers, web servers and HTTP methods.
- Architect the various components within Splunk (indexer, forwarder, search head, deployment server); heavy and universal forwarders; parsing, indexing and searching concepts; hot, warm, cold and frozen bucketing; and the license model.
- Helping application teams in on-boarding Splunk and creating dashboards, alerts, and reports.
- Develop custom app configurations (deployment-apps) within Splunk to parse and index multiple log formats across all application environments
- Deploy the Splunk family of software to support log retention, aggregation and analysis requirements, including Splunk scalability, capacity planning, distributed setup, search head clustering, indexer clustering and performance specifications
- Perform installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview, and application management of Splunk
- Integrate and onboard database logs with the DB Connect application, developing complex SQL queries for that purpose.
- Design and customize complex search queries and promote advanced searching, forensics, and analytics
- Develop dashboards, data models, reports and optimize performance
- Develop, implement and document configuration standards, policies, and procedures for operating, managing and ensuring the security of the Splunk infrastructure
- Participate in incident, problem, and change management process related to Splunk