T&T | Cyber:D&R | AM | SPLUNK

Demonstrates proven expertise as in administering Splunk Enterprise Security (SIEM)

environment. Should have the following skills:

· Splunk Certified professional having at least Splunk Admin user certification level

preferable.

· Good experience in Splunk administration and troubleshooting

· Experience in integration of Splunk with log sources of different

types including but not limited to security devices, network

devices, web applications, custom applications and so on.

· Experience in tuning and troubleshooting Splunk premium apps like

Enterprise Security, Phantom and UBA.

· Comfortable in writing regular expression to extract fields from custom log sources

· Expertise in developing custom use cases using Splunk search language to correlate and

alert on logs from multiple sources.

· Hands-on experience in creating dashboard and reports using SPL queries and XML.

· Good knowledge of information security and IT operations domain.

· Proficiency in client and server operating systems including Linux and Windows

· General networking and system troubleshooting skills (firewalls, routing, NAT, etc.)

Cyber Security certification and knowledge including SOC services

· Ability to autonomously prioritize and successfully deliver across a portfolio of projects