SIEM Splunk Analyst

  •  

New York City, NY

Industry: Technology

  •  

8 - 10 years

Posted 178 days ago

  by    Rahul Kushwaha

This job is no longer available.

Splunk SIEM

NYC, NY - F2F required

Desired Competencies (Technical/Behavioral Competency)

Must-Have * 8-10 years* experience (IT Security)

* Linux administration

* At least two of the following programming languages perl/python/shell/sql

* Experienced with regex and various parsing methods

* Direct experience as a Splunk administrator

* Familiar with Splunk architecture and its various components (indexer, forwarder, search head, deployment server), Heavy and Universal forwarder.

* Experience with Splunk Enterprise Security (ES)

* Building complex queries and optimize searches for better performance.

* Creating and managing app, Create user, role, Permissions to knowledge objects.

* Developing Field Extraction, Transformation and Loading (ETL) processes

Good-to-Have * SIEM technologies: Splunk, ArcSight, QRadar

* Security Certifications: CISSP, SANS (GCIA or similar)

Responsibility / Expectations from the Role

1 Change management

* Prepare, document, implement and verify changes including communicate

changes to end-users and other impacted parties

2 Incident, Problem management

* Conduct Root Cause Analysis (RCA), respond to incidents and participate in

post mortem analysis

3 Tooling

* Design and implement monitoring solutions on various platforms

* Handle complex reporting requests from senior management and regulators

* Automate repetitive and manual processes

4 Product onboarding

* Work on defining Roles & Responsibilities (RACI) by designing and

implementing a support model

* Build functional QA/UAT environments and train L1/L2 teams

5 Infrastructure support

* Manage code-base and configuration via various version control systems