We are an IT Solutions Integrator/Consulting Firm helping our clients hire the right professional for an exciting long term project. Here are a few details.
Key Responsibilities
SIEM Migration & Implementation
- Plan and execute SIEM migrations, including data transfer and validation of the migrated data.
- Implement and configure Splunk SIEM solutions aligned with organizational security needs.
Log Onboarding & Normalization
- Onboard diverse log sources into Splunk, ensuring proper parsing and Common Information Model (CIM) compliance.
- Build and maintain data models, field extractions, and parsing logic.
Content Development & Tuning
- Create, refine, and optimize detection rules, correlation searches, dashboards, and alerts.
- Reduce false positives and improve detection accuracy.
Troubleshooting & Platform Management
- Identify and resolve ingestion, parsing, and performance issues.
- Maintain Splunk platform health, availability, and scalability.
SIEM Optimization & Administration
- Optimize indexing, storage, and search performance.
- Administer Splunk components (indexers, search heads, forwarders, etc.), including upgrades and patches.
Deployment & Solution Delivery
- Deploy Splunk SIEM solutions across on-premises and cloud environments.
- Partner with stakeholders to deliver robust security monitoring solutions.
Gap Analysis & Use Case Development
- Perform log source and use case gap analysis to strengthen monitoring coverage.
- Develop new use cases aligned with emerging threats.
Required Skills & Qualifications
- 3+ years of hands-on Splunk SIEM experience (Splunk Enterprise Security preferred).
- Strong grasp of SIEM concepts, security operations, and log management.
- Proficiency in log source onboarding, parsing, and CIM compliance.
- Experience developing and tuning detection rules, dashboards, and alerts.
- Strong troubleshooting skills across the Splunk platform and security content.
- Proven experience in Splunk administration, deployment, and health monitoring.
- Knowledge of SIEM optimization best practices.
- Ability to perform gap analysis and provide actionable insights.
- Strong communication and documentation skills.
- Splunk certifications (e.g., Admin, Enterprise Admin, Architect) are a plus.
Preferred Experience
- Solid knowledge of security concepts.
- Hands-on experience running a SIEM on cloud platforms (AWS, Azure, GCP).
- Familiarity with scripting languages (Python, Bash) for automation.
- Exposure to other SIEM tools (IBM QRadar, Microsoft Sentinel, Google SecOps, Palo Alto Cortex XSIAM, etc.).

Successful companies gain back 30% of their budget & time each year. How?
They partner with Alignity to solve their challenges in
- Digital Transformation
- Employer Branding & Hiring
- Performance Innovation
See what others say about the benefits of partnering with us:
Clients: https://alignity.io/talent-acquisition/#WhyClientsTrustUs
Employees: https://alignity.io/candidate-services/#WhyEmployeesLoveUs
Connect with us if you are looking for outsourcing or staffing solutions in the niches below:
- Cloud/Data
- Cybersecurity
- AI/ML
- Fullstack
- Agile
- SAP