Description
Job Details:
Role - Splunk Enterprise Security Consultant
Location - Prague, Czech Republic/Remote
Start date - ASAP
Job Description:
Requires hand on experience of Splunk ES - biz rule implementation experience
- Making use of accelerated data models for Splunk Enterprise Security rules
- Configure correlation searches with summaries only
- Manage Splunk roles on Enterprise Security to make sure the proper capabilities are set to the proper users and no more than those.
- Create Macros that will provide the abstract categorizations the client requires to get the in-context results.
- Fill in the SOC team with the tools of Investigations, Swimlanes and Glass Tables
- Use existent rules, update the set of rules with newly released ones and align with the client for custom-based scenarios in Correlation Searches.
- Align Priority and Severity of Assets and Identities with client. Monitor Risk, analyse and configure it