Application Architect - Splunk
Posted 10/04/2024 by Dabster Systems UK Limited
- Proficient in Splunk Enterprise Security, data analytics, and modeling, with a strong focus on enhancing security posture and incident response capabilities.
- Skilled in configuring Splunk add-ons, developing correlation searches, and integrating DevOps practices to streamline security operations and improve efficiency.
- Extensive experience in risk-based analysis (RBA) and behavior analytics (BA), leveraging advanced techniques to detect and mitigate security threats effectively.
- Proven expertise in Splunk Dashboard Studio, SPL programming language, and data onboarding processes to provide actionable insights and enhance decision-making.
- Knowledgeable in machine learning, ETL engineering, SQL, Tableau, and advanced Excel for data analysis, visualization, and training behavior analytics models.
- Familiar with industry-leading SOAR platforms and automation tools to optimize security operations and drive continuous improvement in threat detection and response.
- Adept at managing engineering teams, bridging the gap between operations and technology teams, and taking ownership of end-to-end tasks to deliver robust security control frameworks.
- Strong communication and leadership skills, with a track record of collaborating with cross-functional teams, reporting to technical leads, and providing regular updates on project progress.
- Strong background in DevOps, Shell scripting, Python, and Jenkins
- Expertise in writing efficient SPL (Splunk Programming Language) and ETL Engineering
- Integrated Splunk ITSI with other monitoring tools and systems to create a unified view of IT operations.
- Conducted security assessments and audits using Splunk to identify vulnerabilities and recommend remediation actions.
- Experience in configuring, implementing, analysing and supporting Splunk server infrastructure across Windows, UNIX and Linux.
- Experience with a variety of Operating Systems, Protocols and Tools depending on the type of platform or application to be administered.
- Implemented Splunk solutions in highly available, redundant, distributed computing environments
- Expertise with Splunk UI/GUI development and operations roles.
- Deploy new Splunk instances, including clustered deployments and apps
- Optimize searches and implement post processing on dashboards.
- IT Network Security professional with experience in Wireless / Optical networks, Core Routing and Switching, High Availability, Network Security (IDS/IPS, UTM, etc.), and Cyber Security (Splunk, FireEye, JunOS Space, Panorama, etc.)
- Along with the XCWT and XCWP, JNCIA and JNCIS-SEC, Palo Alto ACE, Splunk Certified User 6.x, FireEye FSE, CCNA Cyber Ops, Fortinet NSE 1&2, CyberArk Certified Trustee, and Sumo Logic Fundamentals and Search Mastery certifications.
Technical Skills
- Implemented monitoring solutions for enhancing system performance and reliability.
- Automated routine tasks and streamlined monitoring processes, improving operational efficiency.
- Integrated monitoring tools into CI/CD pipelines, facilitating seamless deployment and monitoring.
- Proficient in Splunk, GCP Cloud, Splunk Enterprise Security, SOAR
- Knowledge of cybersecurity best practices and frameworks
- Experience in incident response and security operations
- Proficient in scoping, implementing, and running MS Sentinel.
- Understanding of security road mapping and implementing security measures for the full Microsoft stack.
- Log Analysis Tool: Splunk Enterprise Server, Splunk Universal Forwarder, Splunk DB Connect
- Operating Systems: Linux, Windows Server, VMWare
- Networking: TCP/IP Protocols, Socket Programming, DNS
- Cyber security: Cryptographic protocols and algorithms, VPN protocols, IPSec VPN, Firewalls
- Cloud computing and virtualisation: Virtual Box, OpenStack, Hadoop, AWS EC2, Docker
- Programming: C, Java, SQL, HTML, XML, CSS, Python
- Type: Permanent
- Contract Length: N/A
- Job Reference: 24-00464-1314-3
- Job ID: 1276000000000005669