3 plus years of experience in Splunk (SIEM) Enterprise Security: architecting, configuring, deploying, and customizing the tool, preferably both in supporting the application and utilizing the application for information security monitoring, incident response, and compliance
Onboard new data sources to the Splunk environment as required by the customer Cybersecurity Team for monitoring by the client SOC
Configuration of Correlation Searches, Dashboard Searches, Risk Modifiers, Threat Intelligence Feeds, Workflow Actions and Enterprise Security content
Validate and manage all Splunk forwarders reporting into the Splunk environment
Manage and optimize the Splunk environment, Enterprise Security Module and Phantom Module
Implement new Correlation Rules (Correlation Searches) in the Splunk envi...