Splunk Enterprise Security Consultant
at ComTech Europe Limited
Helsinki, Etelä-Suomi, Finland -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 28 Sep, 2024 | Not Specified | 29 Jun, 2024 | 3 year(s) or above | Security,Dashboards,Soar,Splunk,Confidentiality | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
ASSIGNMENT DESCRIPTION
Our banking client is looking for a seasoned Splunk Enterprise Security Consultant to help them improve their overall implementation and utilization of the Splunk Enterprise Security App. You will be joining a team that is spread across the Nordics and Poland and consist of highly experienced and broadly experienced professionals. This position can be based in Helsinki, Stockholm, Copenhagen, or Oslo and 50% of work can be remote although candidates should already be based in one of the Nordic countries.
Responsibilities:
Support the development and improvements of the Splunk Enterprise Security app implementation and utilization at client in the following areas:
- Data Model ingestion, architecture and best practices
- Risk-based alerting
- Custom event based correlation searches
- Improve true positive detections and minimize false positives
- Utilization of Splunk curated detections
- Threat Intelligence workflows
- Threat Intelligence feeds and integration of Splunk ES with other security tools (TIP, SOAR, etc.)
- Security workflows
Who you are:
To succeed in this role, you are someone with a technical background as well as an understanding of threat intelligence.
The following experience and competencies are relevant to succeed in this role:
- 3 years of proven professional experience in administering, designing or utilizing Splunk Enterprise Security app for effective detection, alerting and security workflows
- Certifications on Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Analyst is a huge plus
- Highly skilled in SPL queries, dashboards, alerts and various Splunk knowledge objects
- Experience in working with other security platforms and tools that can be integrated with Splunk such as Threat Intelligence Platform and SOAR
- Ability to work independently and as part of a team
- You are open and easy-going, yet with a natural respect towards privacy and confidentiality.
- You are comfortable in a sometimes stressful and priority driven environment.
Language: Fluent in English, both written and spoken
REQUIREMENT SUMMARY
Min:3.0Max:8.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Reporting
Graduate
Proficient
1
Helsinki, Finland