SIEM - Administrator

SP Staffing Services (P) Ltd
  • Chennai, Hyderabad
  • Confidential
  • 3-7 years
  • 25 Sep 2015

  • Administration/ Facilities

  • IT/ Technology - Software/ Services
Job Description

1. Day-to-day operational support for IT security and incident management
2. Experience with SIEM tool
3. Deployment of Splunk App for Enterprise Security (indexes, forwarders, search head)
4. Administration of Splunk (policy configuration, integration of log sources with Splunk, creating and managing data models, capacity planning and fine tuning, application integration with Splunk, license management, etc.)
5. Writing search queries and correlation rules on Splunk application logs (predictive analysis queries, search queries, multi-domain asset-based and tagging-related queries, and creating dashboards)
6. Ability to perform incident review and assessment (risk analysis, user activity, access anomalies, threat activity and artifacts etc.)
7. Security Incident Response & Forensics is an advantage
8. Knowledge of various platforms like Windows/Linux/Unix/Solaris
9. Knowledge of network security, systems security
10. ITIL trained

About Organisation

SP Staffing Services (P) Ltd