Splunk Detection Engineer - Splunk ES Certified
Splunk Detection Engineer - Splunk ES Certified
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Tasks
- Develop and implement advanced threat detection strategies using Splunk ES to identify potential security incidents.
- Collaborate with crossfunctional teams to optimize Splunk queries and dashboards for efficient threat analysis and reporting.
- Conduct regular reviews and updates of existing detection rules and alerts to ensure their effectiveness and relevance to emerging threats.
- Provide expert guidance and support during incidents by leveraging Splunk ES capabilities to perform indepth forensic investigations.
- Stay updated on the latest cybersecurity trends and Splunk ES features to continuously enhance detection methodologies and improve security posture.
Requirements
- Splunk Detection Engineer
- L2 Splunk Detection Engineer: (5 years Splunk engineering experience specialty in detection & automation)
- 2.1 Create and tune detections (i.e. Correlation Search).
- 2.2 Incorporate context into detections (i.e. Correlation Search).
- 2.3 Understand and create riskbased modifiers and detections.
- 2.4 Generate effective Notable Events/findings.
- 2.5 Create and maintain a detection lifecycle.
- Develop automation and orchestration for standard operating procedures.
- Optimize Case Management.
- Describe and utilize REST APIs.
- Automate responses using SOAR playbooks.
- Compare and validate integrations and automation capabilities of Enterprise Security and SOAR.
- Develop and optimize security metrics.
- Build and populate effective security reports.
- Build and populate dashboards for program analytics.
Employment Type
Full Time
