Validate the existing client Splunk architecture and recommend best practices
Validate the client logs and forwarders prior to onboarding to Accenture Cyber Defense Platform.
Develop use cases for User Behavior Analytics, Big Data Analytics, etc.
Continuously validate the existing IR use cases and response plan, and suggest amendments for technical and process improvements
Coordinate or participate in individual or team projects
Write technical articles for internal knowledge base
Provide performance metrics as necessary
Develop and optimize technical processes and coordinate procedure documentation.
Previous Splunk administration or development experience
Design, build, and solve complex Splunk integration challenges in both cloud (AWS, Azure) and data center deployments
Hands-on experience with Splunk UBA, IoT, and Advanced Threat Detection products, and their integration with Splunk ES
Troubleshoot Splunk application and infrastructure issues and debug Splunk configuration issues with forwarders, indexers, etc.
Monitor the Splunk infrastructure for capacity planning, system health, and availability.
Develop scripts to automate Splunk maintenance and alerting tasks.
Create customized searches and applications using programming and development expertise, including Java, Python, shell scripting, and regular expressions
Routinely review newly available and applicable Splunk software or policy updates and recommend their application.
Serve as a liaison between development teams and stakeholders to understand and formulate complex security requirements for the project/program.
Develop automation for security tools management
Design, develop, or recommend integrated system solutions that ensure proprietary/confidential data and systems are protected.
Evaluate new technologies and processes that enhance security capabilities.
Experience working in a diversified, virtual environment.
Administrative tool development and maintenance.
Advanced certifications such as the following are desirable:
Splunk Certified Architect
Splunk Certified Admin