Splunk ES Consultant - M19
|Job Title:||Splunk ES Consultant - M19|
|Contact Name:||Vinthosh Sadhai|
|Job Published:||September 03, 2021 14:23|
- IMMEDIATE START!!
- Contract/Perm - Your Choice!
- Remotely Work From Home
FinXL IT Professional Services is a leading IT services organisation providing a broad range of solutions to assist large Australian enterprises and Government departments to deliver IT projects.
We are currently seeking someone with expertise in the Splunk ES skillset. Note that you must have Splunk Enterprise Security Certification or hands on experience. The resource will be predominantly working in the Security space Administering Splunk Enterprise Security and working with the SOC to perform Integration and Tuning for the Platform.
- Configure, maintain, and create functionality on Splunk ES platform
- Bring bulk data into Splunk ES CIM compliance
- Integrate data into ES notables
- Tune notables / detections for improved accuracy
- Create automations and frameworks to improve the effectiveness of Integration and Tuning team activities
- Work with platform owners and Splunk administrators to improve data and detection quality
Attributes + Experience
- Demonstrated experience with Splunk ES
- Experience with data ingestion/onboarding to Splunk using monitoring inputs, network inputs, scripted inputs and RestAPIs
- Experience with the Splunk Machine Learning Toolkit preferred
- Splunk Architect Certification
- Splunk Enterprise Security Certified Admin
- Python development experience
- Experience undertaking OS level sysadmin tasks
- Agile working environment
- Problem Solving
Get similar jobs like these by email
By submitting your details you agree to our T&C's