Hiring: Senior SOC Specialist (Splunk Analyst)

Job Description

Key Responsibilities:

  • Develop and execute advanced and complex Splunk searches to retrieve, analyze, and visualize data.
  • Optimize existing Splunk queries for performance and efficiency.
  • Interpret and analyze data from various log sources to identify patterns, anomalies, and trends.
  • Provide insights and actionable recommendations based on search results and data analysis.
  • Work with Splunk Engineers to ensure all data is CIM compliant.
  • Design, create, and maintain basic dashboards to provide a clear visual representation of data.
  • Configure, manage, and optimize Splunk alerts to notify relevant stakeholders about critical events or anomalies, reduce false positives, and ensure timely issue detection.
  • Generate regular and ad-hoc reports using Splunk's reporting capabilities and basic visualizations, ensuring accuracy, relevance, and alignment with business objectives.
  • Customize Splunk visualizations (e.g., charts, graphs, tables) to represent data clearly and effectively.
  • Ensure data integrity and consistency across all Splunk searches, dashboards, alerts, and reports. Troubleshoot and resolve data discrepancies and issues promptly.
  • Work closely with IT, security, and business teams to understand their data needs and provide relevant Splunk solutions.
  • Document search queries, dashboards, alert configurations, and report specifications for future reference and knowledge sharing.
  • Demonstrate punctuality and reliability in meeting individual deadlines.
  • Partner with system owners and correct any logging issues.
  • Partner with system owners to correct any issues with data ingestion.
  • Maintain Splunk systems internal documentation, including SOPs and design documents.

Minimum Qualifications:

  • 5 years of Information Technology experience.
  • Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree, or an additional two (2) years of experience.
  • 2+ years of Splunk administration, analyst, or engineering experience.
  • Experience with data analysis, visualization techniques, and best practices in Splunk.
  • Proven ability to interpret and analyze data from various log sources to identify patterns, anomalies, and trends.
  • Splunk Core Certified Power User.
  • Knowledge of and experience working with the Splunk API.
  • Working knowledge of regex.
  • Working knowledge of JSON and XML formats.
  • Verbal/written communication skills, e.g. working with customers/users who are not as familiar with Splunk.

Preferred Qualifications:

  • Splunk Core Certified Advanced Power User, Splunk Enterprise Certified Admin, Sec+, CEH, etc.
  • Experience working in a Security Operations Center as a SOC or Incident Response Analyst.
  • Experience with HTTP coding.
  • Experience with scripting languages (Perl, Bash, PowerShell, Python, Shell).
  • Experience with correlation searches in Splunk, advanced dashboards, and advanced Splunk visualization.

Required Skills

  • soc
  • specialist
  • HTTP

Minimum Work Experience

  • Three to six years

Gender

  • Not important

Military Service Status

  • Educational exemption, permanent exemption, completed service

Employment Type:

Full-time

Job Category:

IT / DevOps / Server

Posting Date:

1403/07/21