Direct Client Req - Splunk Engineer - St Paul, MN - Onsite at Paul, Idaho, USA |
Email: [email protected] |
Hi,

Hope you are doing great! This is Prasanna from Dynamic Enterprise Solutions. We have an urgent requirement with one of our clients. Please review the job description below and let me know your interest.

Title: Splunk Engineer
Location: St Paul, MN
Duration: 6 Months+

What You'll Work On

You will research and build Splunk correlation searches in Splunk Search Processing Language (SPL) to broaden the scope of detection engineering Risk Rules using Risk Based Alerting to detect threats to Abbott. Investigate the capabilities of the deployed Endpoint Detection and Response tools, Armis and other sensors, and ensure we are capitalizing on the available data and capability, enhancing ingested logs. Join the Cyber Threat Engineering team to protect the Abbott enterprise, which includes internal and external computing assets, data, and customers. Intermediate Python and PowerShell scripting and base knowledge of APIs are essential.

Core Job Responsibilities:

- Ability to write correlation searches in Splunk Search Processing Language (SPL) for multiple sensors (Firewall, IDS/IPS, Armis, Sentinel 1, ZScaler, and more) incorporating the MITRE ATT&CK and MITRE Engage Models.
- Work to broaden the scope of threats detected with an emphasis on high fidelity detections, periodic review of detections in production and team and customer metrics.
- Proactively ingest Digital Forensics and Incident Response reports from a wide variety of sources.
- Build detections for cyber-based threats and risks, both current and future, creating and deploying detections as needed.
- Automate manual tasks through technology integrations via scripting and orchestration of playbooks using Python and PowerShell.
- Participate in projects to achieve defined security goals and meet technical requirements in support of Abbott's needs.
- Develop response strategies and technical support documents, summaries, reports, presentations, and other designated products.
- Support the advancement of Abbott's Cybersecurity Operations program to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats, including actors, campaigns, and vulnerabilities.
- Participate in Purple team events.

Regards
Prasanna Kumar
Dynamic Enterprise Solutions Inc
1801 Hicks Road, Suite A
Rolling Meadows, IL 60008
Email: [email protected]
Ph : 847-582-0831 (Work)

--
Keywords: information technology Illinois Minnesota |
Wed Oct 11 00:32:00 UTC 2023 |