| Splunk Admin at Remote, Remote, USA |
| Email: [email protected] |
| Splunk Admin Hartford CT Security Incident investigations, Incident Response, Splunk, SIEM, SOAR, Threat Hunting Ability to perform reactive & proactive security analysis and articulate emerging threats to leadership and team Situational awareness of cyber activity by reviewing open source reporting for new vulnerabilities, malware, or other threats that have the potential to impact the organization Experience in directly working with the customer and managing customer expectations, project deliverables in coordination with onshore/nearshore/offshore team Good knowledge & working experience on Splunk administration & engineering, log management, event correlation, security incident management, SIEM & SOAR. Ability to preset a threat response for any critical incidents. Experience in defining alerts, reports and dashboards Ability to prepare reports and present risk based view to Clients Expertise in SIEM & SOAR implementation by understanding the customer environment. 2. Team management with good Information security technical expertise and ability to frontend customer interactions 3. Experience in Security Incident Response Lifecycle 4. Experience in identifying & enabling SIEM & SOAR functionality using Splunk. 5. Experience in defining SOC monitoring usecases and operationalizing them through SOPs, and SIEM based alerts / reports. 6. Should understand the functioning of Security Technologies including EDR, Firewalls, Intrusion Prevention, Packet Capture tools, Remote access technologies etc. 7. Security incident investigations using Next-Gen AV/ EDR solutions such as CrowdStrike, MS Defender, etc 8. Experience in understanding and interpreting Threat intelligence from various external sources including validation of related IOCs in customer environment. 9. Should have good conceptual understanding of Windows, Linux operating systems & Networking TCP/IP Protocol Suite 10. Understanding of common network services (web, mail, DNS, FTP, etc.), network vulnerabilities, and network attack patterns 11.Possess knowledge and experience in Threat Ecosystem, remediating Malware, Rootkits and Botnets 12. Strong analytical and problem solving skills 13. Good organization skills to ensure coordination and smooth hand-offs between onshore & offshore/nearshore teams 14. Strong communication (verbal and written) and interpersonal skills 15. Project Management experience with an ability to mentor the team and meet delivery objectives Certifications preferred - CISSP, GCIH, GCFA, CHFI, CEH, SEC+ Experience in custom integrations & automation. Executive briefing & reporting skills with attention to detail -- Keywords: information technology microsoft Connecticut Splunk Admin [email protected] |
| [email protected] View all |
| Mon Aug 19 19:45:00 UTC 2024 |