Role Designation: SIEM – Splunk
Location of Posting: Pune, Hyderabad
Interview Location: Bangalore, Pune, Hyderabad
Educational Qualification: BTECH, BE, MTECH, MCA, B.Sc., BCA etc.
Minimum – Maximum Years of Experience: 2 to 15 Years
Skill: 4+ years working with SIEM technology, with at least 1 year of experience implementing a Splunk solution
--In-depth understanding of configuration options and various architectures of Splunk.
--In-depth understanding of logging formats and log collection methods supported for common log sources such as Firewalls, IDS/IPS, Web Proxies, Endpoint Security, DLP, Active Directory, Windows/Unix Servers etc.
--Expertise with logging configuration of network, security devices and servers.
The SIEM Implementation Engineer is responsible for implementing and supporting the Splunk Enterprise and ES App solution to detect IT security incidents. The SIEM Engineer will implement the solution as per the design document.
--Understand the business requirements and the finalized design document.
--Develop the specific content necessary to meet the organization’s security operations goals, to include: the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflows.
--Integrate data and event feeds with the Splunk Enterprise solution.
--Develop implementation and configuration guides for the operations support team.
--Analyze and resolve complex technical issues.
--Perform on-the-job training of the SIEM solutions for the team.