| Looking for Splunk Engineer || Hybrid (Pittsburgh PA, Everett, WA or Beaverton, Oregon) at Beaverton, Alabama, USA |
| Email: [email protected] |
| Only USC are workable Hi, My name is Sagar and I'm a Sr. Technical Recruiter at Diverse Lynx. We provide IT Consulting Services to our customers immediate and long-term resource needs. I am contacting you either because your resume has been posted to one of the internet jobs sites to which we subscribe or you had previously submitted your resume to Diverse Lynx. We now find your resume matching for Splunk Engineer. with our client at Hybrid (Pittsburgh PA, Everett, WA or Beaverton, Oregon). The job description is Job Title: Splunk Engineer Location : Hybrid (Pittsburgh PA, Everett, WA or Beaverton, Oregon) Duration: Long term Job description Job Title: Security Operations Senior Analyst / SOC L3 role Job Description: We require an 8+ Years experienced SOC professional who will be responsible for working on escalated events, evidence collection, analyse, perform forensic investigation, find the root cause of the incident, provide trouble shooting steps. The primary function of this position is to work as a SPLUNK Expert who can perform alert management, high level investigation which includes but not limited to log analysis, forensic evidence collection, analysis, find the root cause and provide remediation steps. This role reports to the SOC Manager. Responsibilities: Monitoring client security infrastructure, identifying and reporting real time attacks and vulnerabilities on the client network. Identification of incidents and subsequent analysis and investigation to determine their severity and the response required. Perform deep dive analysis for escalated incidents, forensic evidence collection Help L1 and L2 team for triage incidents High level investigation which includes but not limited to log analysis/forensic evidence collection and analysis Collection of necessary logs that could help in the incident containment and security investigation and resolution Triage complex threats and alerts. Undertake first stages of false positive and false negative analysis Fine tune policies for reducing false positives Integrate new devices to Splunk Run various queries to generate the required reports Work on new use case integration Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc. Understand the subject of Carbon Black alarms and perform deeper analysis Should have ServiceNow and other ticketing tools experience Should be able to fetch various Splunk and ServiceNow reports. Should be able to have better coordination with Splunk vendor and other stake holders Years of Experience: 12.00 Years of Experience -- Keywords: access management information technology Pennsylvania Washington |
| [email protected] View all |
| Wed Dec 20 00:36:00 UTC 2023 |