Your new company
Your new role
The Security Event Management (SEM) team is the primary team responsible for gathering and providing Security Intelligence into the SIEM platform. Correlation of security events, infrastructure devices, and application events are presented to the Global Security Operations Centers (SOC) for evaluation of investigation or false positive identification. What You Will Do:
• Work directly with Infrastructure and Application teams to align security and event applications with predetermined SOC use cases that provides the intelligence necessary for investigations.
• Work within the Security Strategy to onboard the identified number of applications across all Business Units (BU), provide direction and guidance to the Business when difficulties arise with streaming events into the SIEM.
• Assist in managing time resources and commitments with your customers to ensure onboarding activities are completed on time and in scope.
What you'll need to succeed
• Splunk Core experiences with Deployment Server configuration experience
• Splunk Core experience with Infrastructure support knowledge (Indexers, Search Heads)
• HTTP Event Collector (HEC) experience for streaming to endpoints
• Unix / Linux OS experience, Next Gen Firewall experience, Endpoint Threat Detection experience
• Experience with proper source typing
• Familiarity with Syslog technology
• RegEx and stream parsing experience
• Bachelor degree or equivalent training, education, and work experience
• 5 years of Splunk SIEM (Core, ES, etc) experience
What you'll get in return
• Competitive salary
• Annual bonus
• Cafeteria
• Flexible home office
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.