- The Splunk Admin will work to leverage the full utility of Splunk technology to monitor cyber security, protect IT infrastructure, and enable rapid containment and resolution of IT security incidents. Duties and responsibilities may also include:
- Implement the production Splunk ecosystem (Splunk Core, Splunk Enterprise Security), and feature the people, process, and tools that enable successful adoption, ensuring the solution is able to meet the objectives of the business.
- Provide strategic support of Splunk integration and deployment, configuration and maintenance
- Understand, interpret and develop content for SIEM products to meet internal and external customer requirements
- Coordinate with other organizations (SOC/CSIRT) and assist with advanced issue resolution across the enterprise
- Assist in the proper operation and performance of Splunk, loggers and connectors, and the integration of data feeds (logs) into Splunk
- Perform content development to properly identify data feeding SIEMs and correlate events
- Develop filters to assist in the identification of significant events
- Provide recommendations and implement changes to optimize Splunk products in the customer environment
- Write and develop custom scripts and programs as needed
- 1-3 years of experience with Splunk Infrastructure administration
- Associate of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus one (1) to three (3) years of directly related experience or any equivalent combination of education, experience, training and certifications.
- Basic understanding of Information Security with relevant work experience and/or relevant education/certifications
- Ability to speak English & Mandarin
- Experience with Linux or Solaris Servers
- Experience with SQL and/or Oracle Databases
- Experience with or knowledge of SIEM Content Development
- Experience with Scripting (Python, Ruby, PowerShell, Perl, etc.)
- Technical writing experience
- Experience with installation/deployment procedures
- Experience with document requirements
- Excellent verbal and written communication skills are preferred