Description
Splunk/Security Analytics Expert required for a 9-month contract assignment, located in Oslo/Norway.
Responsibilities:
- Developing a series of Splunk Dashboards, Alerts and reports based on our use case descriptions
- The use cases will be presented at a high level, and the expert should be able to translate them from the high level down to the low level: which specific information in which event logs should be correlated, and how, and then present the results through alerts/dashboards/reports
Required competencies:
- Expert in configuring Dashboards in Splunk
- Expert in configuring Alerts in Splunk
- Good Python scripting knowledge, especially around extracting data from files/LDAP/databases and manipulating such data
- Good knowledge of the content of Windows & Linux event logs
- Good knowledge of network logs (Cisco/Checkpoint)
- Skills with other types of logs are an added bonus (Web Server, database, specific application logs and experience working with custom logs)
- Good skill in use case writing