Overview
Splunk Platform Management Specialist Jobs in Riyadh at Masader
Title: Splunk Platform Management Specialist
Company: Masader
Location: Riyadh
Responsibilities and Accountabilities:
The primary objectives of the Platform Management Specialist (Splunk) are to participate in and lead the delivery of Splunk SIEM Platform Management. The services include administration of a distributed Splunk SIEM platform. The role also requires integration of Splunk with a wide variety of data sources and industry-leading commercial security tools that use various protocols, including vendor-specific threat feeds. Consult with customers to customize and configure Splunk, along with developing use cases for security monitoring.
· Administration of the SIEM environment (e.g., deployment of the solution, user management, managing the licenses, upgrades and patch deployment, addition or deletion of log sources, configuration, management, change management, report management, managing backup and recovery, etc.)
· Security use case development and construction of the SIEM content required to produce Content Outputs (e.g., correlation rules, reports, report templates, queries)
· Should be thorough in troubleshooting Splunk platform and application issues, escalating issues and working with Splunk support to resolve them.
· Integration of customized threat intelligence content feeds provided by the Threat Intelligence and Analytics service.
· Integrate SIEM with a wide variety of supported and unsupported data sources.
· This is a hands-on role, requiring strong technical skills as well as a good understanding of cybersecurity problems and solutions.
Skills and Qualifications:
· Bachelor’s degree in Engineering, Computer Science, Information Technology or other relevant fields.
· In-depth knowledge of the core security domain (SIEM and SOC)
· Direct architecture design and administration experience, and certifications, with one or more SIEM/security solutions (i.e., LogRhythm, Splunk, QRadar, ArcSight)
· Minimum 5 years of experience in SIEM administration
· Programming and scripting skills.
· Knowledge of MITRE ATT&CK and TTPs
· Good understanding of network protocols and architecture, and cloud infrastructure.
Job Type: Full-time
COVID-19 considerations: yes
Ability to commute/relocate:
Riyadh: Reliably commute or planning to relocate before starting work (Preferred)
Experience:
Splunk architecture: 4 years (Required)
Splunk data onboarding: 3 years (Required)
ArcSight CDF platform: 2 years (Required)