Splunk Administrator

MatchPoint Solutions

Posted 1692 days ago ·

Role: Cybersecurity Splunk Consultant

Duration: Full-Time

Pay Rate/Salary: Open

Location: Shanghai, China

Job Description

The Cybersecurity Splunk Consultant will work to leverage full utility of Splunk technology to monitor cybersecurity, protect IT infrastructure, and enable rapid containment and resolution to IT security incidents. Duties and responsibilities may also include
Implement the production of Splunk Ecosystem (Splunk Core, Splunk Enterprise Security), and feature the people, process, and tools that enable successful adoption assuring the solution is able to meet the objectives of the business.
Provide strategic support of Splunk integration and deployment, configuration and maintenance
Understand, interpret and develop content for SIEM products to meet internal and external customer requirements
Coordinate with other organizations (SOC/CSIRT) and assist with advanced issue resolution across the enterprise
Assist in the proper operation and performance of Splunk, Loggers and connectors and integration of data feeds (logs) into Splunk
Perform Content Development to properly identify data feeding SIEM’s and correlation of events.
Develop filters to assist in the identification of significant events
Provide recommendations and implement changes to optimize Splunk products in the customer environment
Write and develop custom scripts, programs as needed

Basic Qualifications

1-3 years of experience with Splunk Infrastructure administration
Associate of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus one (1) to three (3) years of directly related experience or any equivalent combination of education, experience, training and certifications.
Basic understanding of Information Security with relevant work experience and/or relevant education/certifications
Ability to speak English & Mandarin

Preferred Qualifications