Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilities
Cooperate with log source onboarding team to assure correct log source onboarding and log mapping to data models according to Splunk standard processes
The development and tuning and continuous improvement of correlation rules
Develop and maintain dashboards, reports, and alerts
Create Splunk Knowledge Objects to address customers needs in context of using Splunk as security tool
Prepare correlation search tests, conduct tests, and document evidence from test that shows correlation search addresses scenario described in use case
Responsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logic
Coach a team (from a technical perspective); review work outputs and provide quality assurance
Analyses and identifies areas of improvement with existing processes, procedures, and documentation
Demonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnel
Provides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systems
Prioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features
requirements-expected :
In depth experience in development and maintenance of SIEM use cases
Fluent in Splunk’s search processing language (SPL)
Excellent knowledge of Splunk Enterprise and Splunk Enterprise Security
Sound knowledge about Splunk Common Information Model and log normalization using Data Models
Solid understanding of cybersecurity technologies, protocols, and applications
Excellent English communication skills (written and oral)
Strong analytical skills to evaluate sophisticated multivariate problems and find a systematic approach to gain a quick resolution, often under stress
Strong problem solving, documentation, process execution, time management and organizational skills.
Ability to communicate sophisticated information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
Fast and independent learner, with ambition to self-improve
At ease in a fast-changing environment, flexible and pragmatic, open-minded
Accurate, acting with attention to details
Client focus and delivery oriented
A team-focused mentality with ability to work & collaborate effectively in a team environment
Good leadership and communication skills, whether on the field, in the team or with management: you are a keen standout colleague and coordinate work among people from different areas or divisions. A good relationship builder with strong diplomacy skills
