Splunk Tech Lead - Security Operations Center/DLP (5-13 yrs) Bangalore (DevOps)
Wikata Consulting Services Pvt. Ltd.
Bangalore, India
3d ago
source : hirist.com

Job Description :

  • 5+ years of working experience within SOC / Splunk and DLP
  • At least 4 years of working experience in a SOC at L2 or L3 level on Splunk technology
  • In-depth understanding of, and ability to install / upgrade, the Splunk solution components on-prem and on Splunk Cloud
  • Develop the specific content necessary to meet the organization's security operations goals, to include : the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflows
  • Integrate data and event feeds with Splunk solution.
  • Expertise with logging configuration of network and security devices and servers
  • Excellent understanding of network infrastructure, operating systems and databases
  • Expertise in troubleshooting technical issues in Splunk SIEM solution.
  • Fine tuning of existing SIEM rules to reduce false positives and creation of new rules from new use cases
  • Perform regular review of incidents resolved by the operations team to identify potential crises
  • Manage & monitor operations team to ensure that incidents are closed within defined TAT and SOPs are followed
  • Create and review the incident response plan, conduct drills, and follow the plan in case of any incident
  • Troubleshoot log source integration issues on servers, active directory, firewalls and cloud.
  • Document, review and maintain SOC standard operating processes
  • Experience in design and implementation of at least one DLP solution
  • Experience integrating data protection solutions with other security solutions and business intelligence solutions
  • Stabilize and optimize DLP system performance, including rules and reports.
  • Hands-on experience in DLP component upgrades, installs, testing and configuration.
  • Provide a single point of contact and hands-on escalation and remediation for critical issues.
  • Ability to interact with senior stakeholders as well as other functions across a global organization.