Must Have Technical/Functional Skills
- Splunk Architect or Admin Experience
- Splunk Enterprise Security administration
- Design of Splunk single-site or multi-site distributed deployments, or Splunk Cloud administration
- Splunk software upgrades and management of heavy forwarders (HF) and universal forwarders (UF)
- Deployment of Splunk technology add-ons (TAs) and search apps
- Experience writing cyber security correlation rules in Splunk SPL
- Create Splunk dashboards and search alerts, write Splunk searches, and be familiar with Splunk search commands and functions
- Experience in cyber security
- Splunk data model (CIM) development
- Splunk field extractions and regular expressions
- Splunk knowledge object development, including event types and macros
- Splunk data onboarding experience for security devices, OS platforms, application logs and DB audit trail logs, and custom add-on creation
- Create Splunk deployment server apps and deploy apps to clients
- Splunk TA installation, and creation of parsing rules and transform rules
- Splunk Enterprise Security experience preferred
- Splunk DB Connect app management and troubleshooting
- Management of Splunk HF/UF and the HTTP Event Collector (HEC)
- syslog-ng or rsyslog configuration management
- Splunk workflow action creation and management
Roles & Responsibilities
- Designs and optimizes the Splunk implementation, including development and deployment of custom, Splunk-built, premium and free apps, and the platform architecture for large-scale distributed deployments
- Establishes best practices and development standards, and ensures that the team adopts them for Splunk deployment
- Maintains a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment
- Uses Splunk as the primary security platform for the role
- Proposes innovative use cases for security and compliance, creates rapid prototypes, implements them and maps them to the MITRE framework
- Designs and implements dashboards and reports
- Manages data onboarding and defines configurations
- Performs data interpretation, classification, and enrichment
- Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)
- Configures summary-based reports and data model acceleration
- Develops and maintains system, process, training, and documentation for the platform, operations, and monitoring components of the solution
- Works cross-functionally to analyze and resolve systems problems.
- Provides functional backup for the operation of system tools/utilities platforms outside the incumbent's primary system responsibilities as required
- Strong understanding of the MITRE framework and other threat modelling frameworks
- Works in an Agile-based model with aggressive delivery timelines
Generic Managerial Skills, if any
- Exposure to programming in at least one modern language (Python, JavaScript, PowerShell)
- Expertise in data visualization.
- Familiarity with engineering concepts is a must: system integration, technical architecture, business intelligence, infrastructure, technology research, new technology development, etc.
- Experience implementing and/or consulting on DevOps principles.
- Hands-on experience with continuous delivery pipelines, testing strategies, and quality validation.
- Out-of-the-box thinker driven to lower costs using conventional/non-conventional solutions.
- Excellent time management and organizational skills.
- Project management activities
- Analyze security events and alerts to identify potential threats and anomalies.
- Proficiency in a scripting language (e.g., Python, PowerShell) for automation and integration tasks
- Strong analytical and problem-solving skills with attention to detail
Certifications and Trainings
- Splunk Admin Certification or Architect certification desired
- Splunk Cloud Administration desired
- Splunk Enterprise Security Admin
- Splunk Core Certified Power User
- Splunk Troubleshooting
- Splunk Architecting and Deployment
- Splunk Knowledge Manager and Search Expert level trainings
Salary Range: $130,000-$160,000 a year
TCS Employee Benefits Summary
Discretionary Annual Incentive.
Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.
Family Support: Maternal & Parental Leaves.
Insurance Options: Auto & Home Insurance, Identity Theft Protection.
Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement.
Time Off: Vacation, Time Off, Sick Leave & Holidays.
Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.