
Splunk Content Developer
Krones Digital Solutions India
Job Description
Your responsibilities would include, but are not limited to, the following:
· Creating and scheduling reports, constructing Splunk-friendly regular expressions, and optimising Splunk search queries.
· Custom field extraction using regular expressions at search time and index time.
· Onboarding, optimising and offboarding use cases based on the organization's requirements.
· Communicating directly with application owners to collect required application data points (Login/Logout, Audit/History, ID Management, Profile Management).
· Creating scheduled alerts and running them using cron expressions with specific time ranges.
· Installing and using the Splunk app for Windows and UNIX.
· Developing Application Security and Platform Security Dashboards.
· Creating processes, documents and SOPs for multiple use cases handled by the SOC team.
· Experience in creating knowledge documents, strong problem-solving skills to troubleshoot and understand technical tasks.
What is in it for you?
· You are a part of a brand-new org. setup – with a clean slate and a mission to build a People first organization.
· You work beyond borders, with international teams seeking and imparting learning through shared/individual experiences and knowledge through the community.
What are we looking for?
Must-Have Requirements
· Bachelor's degree in CSE, ISE, ECE, etc.
· At least 6 years of professional experience working in an MSSP environment.
· 5+ years of experience with Splunk, with a minimum of 3 years in content development.
· Experience in SOC Incident analysis with an exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR and cloud security tools.
· Good understanding of networking concepts.
· In-depth knowledge of security data logs and an ability to create new content on advanced security threats on a need basis as per threat intelligence.
· Good experience in writing queries/rules/use cases for security analytics (ELK, Splunk or any other SIEM platform) and deployment of content.
· Excellent communication, listening & facilitation, and problem-solving skills.
Good to Have
· Splunk Power User Certification.
· Knowledge of a scripting language.
· Knowledge of Industrial Control Systems is a good add-on.
· Understanding of the MITRE ATT&CK framework.
Industries: Computer Software, Consumer Electronics, Information Technology & Services
Job Skills
- ELK, Splunk or any other SIEM platform
- Excellent communication, listening & facilitation, and problem-solving skills
- Adaptability and Learning Agility
- Problem Solving
Job Overview
Offered Salary: Not disclosed
