Position Responsibilities: Work with Product Owners of Splunk to capture critical logs for apps/infra and ensure that the correct content is getting into Splunk, partnering with cyber security partners, who are their primary customers. Another team in ICS then leverages that info to create additional security measures based on the logs.
Position Qualifications (Note Must Have vs. Nice to Have):
Must Haves
- Fundamentals of Splunk: running searches/queries, understanding indexes and how they are used, reading events in Splunk
- Onboarding applications/logs into Splunk (ingestion into Splunk)
- Experienced in information security with regard to applications, infrastructure servers (Linux/Windows), infrastructure security (configurations and baselines)
- Different types of security events and their logs
- Azure/GCP experience in onboarding cloud applications to either Splunk or something similar
- Experience with reporting and PowerBI tools
- Scripting languages, mostly Python, but other scripting is okay
Nice to Have
- Google Chronicle experience
Any Specific Previous Industry Experience Required or Preferred (or specific companies prefer talent from):
Financial experience specifically is a plus
Benefits: