SIEM Engineer

Immediate Openings on SIEM Engineer_Contract_Pan India
Notice Period:Immediate.
Type: Contract

Key Accountabilities
Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS SolutionBuilding Co-relation searches for Cyber Operation requirementsEvaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessaryManaging, co-ordinating and implementing technical project activities and enhancements to servicesConducting Incident/ Problem/ Recovery activitiesSupporting the Joint Operations Centre and incident response teams for detected security events.Creating and maintaining accurate and high-quality documentationSupporting Operational effectiveness auditStructure phased deliverables to link long term vision with time-boxed activities.Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully.Work closely with developers and testers, to ensure delivery of the functionality on time and with quality.Stakeholder Management and LeadershipNegotiate and solicit engagement and support at all levels of the organisation, particularly where support is low or challenging.Communicate clearly and regularly.Typically faces off to AVP VP level stakeholders.Considers the impact of their actions and decisions on key stakeholders, seeking to deliver a positive outcome for those involved.Decision-making and Problem SolvingApply evaluative judgement and analytical skills to operate effectively within a complex and changing environment.Understand the requirements and perspectives of stakeholders and integrate into their understanding of complex situations.Demonstrates a broad understanding of how the bank operates and the metrics used to measure performanceAnalyses problems and evaluates options in a logical and systematic way.Seeks the advice of stakeholders to better create clarity in complex situations, understand problems, evaluate options and make decisions

What were looking for:
Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers) , knowledge of Splunk CloudKnowledge of Splunk Enterprise Security at administration and use case levelKnowledge on on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction.Knowledge of the Common Information Model, data models, enrichment, and automationGood experience on Splunk add-Ons installation configuration to bring security logs into Splunk.Good understanding of the Security Domain.Documentation skills in order to provide high quality documentation for internal customers and technical teams.