Description
A leading global Consulting company is seeking to recruit Splunk Architect on an initial 6 month contract to be based in London.
Skills required:
*Very strong skills with Splunk Enterprise Security(ES) with strong ability to architect, design and deploy in Enterprise environments
*Strong skills in all relevant functions of Splunk ES used for Security operations
*Strong skills in conceptualizing, designing and building dashboards using Splunk ES
*Very strong hands on skills on automation and response features and associated configuration aspects (Phantom)
*Strong knowledge of security incident analysis tool incident workbench
*Provide technical leadership for Splunk ES (SIEM) to support security operations teams when needed
*Strong experience in migration of SIEM platforms to Splunk ES for security monitoring
*Coordinate SIEM platform efforts across multiple business units as part of design/implementation
*Very good experience/knowledge on Splunk UBA capability, Phantom for Orchestration
*Skill in integration of Splunk ES with various threat intelligence sources
*Knowledge of other SIEM platforms and their architecture
*Conduct proof-of-concept reviews for new security products & Splunk integration
*Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
*Maintaining familiarity with industry trends and security best practices like MITRE Att&ck framework that can be leveraged for customizing Splunk ES platform for investigation and response
*Work/guide on Scripting like Python, Perl, Bash and/or Shell Scripting
*Certified in Splunk admin & Splunk ES