Cyber Defence Splunk Technical Expert

Function Description

Our client is looking for a Splunk Technical Expert to focus on Implementation, Configuration and Administration of Splunk. In your role you will be responsible for the analysis, design, sizing, implementation and operation of our client ESM module on the Splunk platform. Specifically:

  • Platform Engineering
  • Maintain solution architecture in line with business requirements and suggest improvements.
  • Lead the effort to improve the existing processes and procedures required for security monitoring operations.
  • Improve the Splunk Enterprise environment and extend it with additional search heads and indexers.
  • Support the deployment with data feeds from various new log sources.
  • Assist with installation and configuration of new supporting applications.
  • Perform system troubleshooting, editing and maintaining Splunk configuration files and apps.
  • Monitor and maintain Splunk performance, availability and capacity.
  • Provide expert best practices in the adoption, expansion and creation of use cases in Splunk.
  • Develop custom alerts, dashboards and search queries to support members of the security monitoring team.
  • Keep technical and user manuals up to date.

Education

  • Bachelor/Master or equivalent by experience in IT System administration

Certification

  • Splunk Certified Admin

Languages

  • English Fluent

Required knowledge / Experience

4+ years of experience in a senior Splunk role working in a clustered Splunk environment, with 2+ years of experience in use case creation.

Technical Experience

  • Mandatory: solid and proven experience with the following:
  • Splunk Certified Administrator and/or Splunk Certified Architect
  • Knowledge of enterprise security logging
  • Experience with operations on enterprise-scale environments
  • Experience with Splunk Enterprise Security
  • Splunk administration through the UI, including app, report and dashboard permissions, users and roles, deployment server, managing alerts, summary searches and report acceleration.
  • Splunk development of critical data-related configuration files such as props.conf, inputs.conf, transforms.conf and indexes.conf
  • Splunk development of dashboards, reports and alerts
  • Experience applying best practices for getting data into Splunk

  • Preferable:
  • Linux/Unix background with scripting for automation and troubleshooting.
  • Scripting experience with Regular Expressions, Python, JavaScript, XML or other languages (Perl, Shell, …).
  • SQL

Business Experience

  • Mandatory:
  • Used to working in complex environments.
  • Good communicator
  • Customer orientation
  • Risk consciousness
  • Preferable:
  • Proven experience with an Agile way of working

Other

  • Start date: ASAP
  • End date: 1/10/22
  • Rate: 650 € per day

Publication date:
05 Oct 2021
Reply by:
26 Oct 2021