Title Splunk Security Architect

You have an exciting opportunity to join our team as a Splunk Enterprise Security Specialist in Hyderabad. You should have 5-8 years of experience and expertise in Splunk ES architecture. Your responsibilities will include integrating Splunk with various security tools and technologies across different domains like Process control Domain/OT and Operations Domain/IT. You will be administering and managing the Splunk deployment for optimal performance, implementing RBAC, and developing custom Splunk add-ons for ingesting, parsing, and filtering incoming logs. Collaborating with SOC team members, you will understand security requirements and objectives, implementing Splunk solutions to enhance threat detection and incident response capabilities. You will integrate different security controls and devices such as firewalls, Endpoint Detection and Response (EDR) systems, Proxy, Active Directory (AD), and threat intelligence platforms. Your role will involve developing custom Splunk correlation searches, dashboards, and reports to identify security incidents, investigate alerts, and provide actionable insights to SOC analysts. You will also create highly efficient custom dashboards for different teams to facilitate security risks, threat, and vulnerability investigations. Additionally, you will conduct threat hunting exercises using Splunk to proactively identify and mitigate potential security threats and vulnerabilities. You will assist in the development and refinement of SOC processes and procedures, leveraging Splunk to streamline workflows and enhance operational efficiency. Your responsibilities will also include implementing Splunk for various automations of SOC SOP workflows. To be successful in this role, you should have experience in designing and implementing Splunk ES architecture, integration with security tools and technologies, security monitoring, incident response, security analytics, and reporting. You should also have strong collaboration and communication skills. Additionally, you will be responsible for the implementation and management of Splunk Enterprise Security, migration/scaling of the Splunk Environment from Windows to Linux, and enhancing the performance, reliability, and availability. You will also implement and integrate the SOAR platform (Splunk Phantom) and User Behavior Analytics (Splunk UBA/UEBA) with the existing Splunk Infrastructure, supporting and enhancing operations with automations wherever possible.,