7 Splunk Siem Jobs

Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware. Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution. Flexible to Provide support to 24/7 L1 Monitoring shift members Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM

We are looking for an experiencedSr. Splunk Consultantto design, manage, and optimize our SIEM and log management infrastructure. 7+ years of hands-on experiencein SIEM, particularly with Splunk (UF, HF, SH, Indexer Clusters) Design, deploy, and managescalable Splunk architectures Optimizelog ingestion, parsing, normalization, and license usage IntegrateSplunk with third-party toolssuch as ELK and DataDog Identify and filtersecurity vs. non-security logsbased on relevance and compliance Ensurecompliance with German data protection standardsand implementdata parsimony Apply strong knowledge ofLinux administrationandSyslog configurations Automate tasks usingscripting languages(Python, PowerShell, Bash) Understand and evaluatenetwork architecturefor security impact and log flow Prepare and maintain documentation:HLDs, LLDs, implementation guides, operational manuals Relevant skills:Splunk, ELK, DataDog, Linux, Syslog, Python, PowerShell, Bash, SIEM architecture, data compliance

Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member's contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Pursue specialization in specific areas of security operations, such as threat hunting, malware analysis, or digital forensics, through targeted training and hands-on experience. Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents. Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals. Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations. Support Monitoring Team to take remote session with user for troubleshooting the user machines to remove malware Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats. Take ownership of false positive report preparations, ensuring accurate identification and documentation of false positives to improve detection and response capabilities. Shift-leading capabilities, managing SOC operations during assigned shifts, including supervision of GET/Associate Security Analysts and coordination of incident response activities. Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.Flexible to Provide support to 24/7 L1 Monitoring shift members. Qualifications Proven experience using Splunk SIEM, including the ability to analyze prepared use cases, contribute to the creation of custom dashboards, and fine-tune false positive alerts. Good knowledge of SIEM architecture. Excellent skills in email security incident handling, including investigating phishing emails and providing verdicts, as well as basic knowledge of Office 365 Email Exchange. Experience with CrowdStrike EDR for security monitoring and threat detection, along with static and dynamic malware analysis and interactive sandbox report analysis capabilities. ITIL tool experience, particularly with Service-Now. Exposure to firewall and WAF log analysis. Strong knowledge of security SOP creation and maintenance. Basic knowledge of file integrity monitoring. Understanding of security compliance frameworks such as PCI and NIST. Basic understanding of vulnerability management and experience with tools such as Rapid7 and Nessus. Experience with cloud security monitoring, including AD risky detections and Defender for Cloud. Excellent communication and presentation skills. Commitment to continuous learning and professional development. Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.

We are looking for an experienced Sr. Splunk Consultant to design, manage, and optimize our SIEM and log management infrastructure. 7+ years of hands-on experience in SIEM, particularly with Splunk (UF, HF, SH, Indexer Clusters) Design, deploy, and manage scalable Splunk architectures Optimize log ingestion, parsing, normalization, and license usage Integrate Splunk with third-party tools such as ELK and DataDog Identify and filter security vs. non-security logs based on relevance and compliance Ensure compliance with German data protection standards and implement data parsimony Apply strong knowledge of Linux administration and Syslog configurations Automate tasks using scripting languages (Python, PowerShell, Bash) Understand and evaluate network architecture for security impact and log flow Prepare and maintain documentation: HLDs, LLDs, implementation guides, operational manuals Relevant skills: Splunk, ELK, DataDog, Linux, Syslog, Python, PowerShell, Bash, SIEM architecture, data compliance Location : Gurugram