Senior Splunk Engineer
Job Description
Our Client
Leading MSSP based in UAE
Your Responsibilities
- Administering Splunk and Splunk Apps, including developing new Apps or extending existing ones to perform specialized functionality.
- Integrating Splunk with a wide variety of legacy data sources.
- Engaging application and infrastructure teams to establish best practices for utilizing Splunk data and visualizations.
- Design, implement, and support solutions with Microsoft security technologies such as Azure Cloud Access Security Broker, Office 365 Advanced Threat Protection (O365 ATP), Microsoft Defender ATP, and their integrations used to deliver internet-scale intelligence and managed security products
- Implement and administer Microsoft Defender (ATP), Azure Cloud Access Security Broker, and Azure Threat Protection security products within the customer environment
- Manage and oversee day-to-day activities of the Azure IP platform and ensure adherence to enterprise standards in project execution methodology, requirements gathering, quality assurance, and continuous improvement
- Handle the implementation/deployment/support of Nessus scan engines and Tenable Security Center and peripherals with Engineering, SOC, TIU, and IR.
- Maintain local and network credentials and Tenable Security Center, and provision access to vulnerability scanning systems.
- Integrate Nessus/TSC with other security and IT systems management tools
- Document vulnerabilities and work on vulnerability mitigation within the agreed SLA
- Managing CB sensors including deployment, operation, management, maintenance, update, upgrade, patching, and administration.
- Should be able to create watchlists to detect indicators of compromise (IOCs) and malicious behavior of new threats.
- Hands-on experience writing queries in CB to search for the desired events
- Assess customer needs and expectations, design solutions to meet those needs, and then implement the design
- Quickly build and solve a problem using a new technology to determine viability
- Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution
Your Qualifications
- Experience and knowledge of SPLUNK SIEM is essential
- Minimum 8 years of professional experience supporting and maintaining SPLUNK SIEM System
- 5-6 years of experience with advanced tuning of Splunk SIEM content
- Professional experience working with networks and network architecture
- College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment
- Information security knowledge in one or more areas such as EDR – Enterprise end-point security products (e.g., McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.)
- Practical hands-on experience in EDR (Carbon Black), Vectra, and Microsoft Azure
- Splunk, Azure Log analytics, or equivalent big data engine experience
- Experience with MS Azure Information Protection and technologies, including solution architecture, deployment, management, and support in a large global enterprise
- General security knowledge; Splunk Admin, Splunk Architect, and Splunk Consultant certificates are a must. Azure, managed vulnerability (Nessus/Tenable), EDR (Carbon Black), and firewall-related security certifications are also good to have
- Knowledge of Linux and Windows Operating Systems.
- Experience with various other SIEM security products such as: Splunk, ArcSight, Nitro, or LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, and DLP
- Experience working with clients in a service delivery function
- Shift flexibility, including the ability to provide after-hours support when needed
- Experience working with internal and client ticketing and knowledge base systems for Incident and Problem tracking as well as procedures
Halian Group
With over 20 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers.
Our resourcing and smart services help you to realize tomorrow's potential. Discover the amazing things possible when you bring the right people and the right technologies together.
Job Details
Employment Types:
Full time
Industry:
IT / Computers – Software
Function:
IT
Roles:
Software Engineer / Programmer
Skills:
Senior Splunk Engineer