Splunk Administrator

Posted 129 days ago ·

  • Work Location
    Shanghai( 上海),
    Chinese Required
    Yes
    Experience Required
    5 Years
  • Qualification
    Bachelor Degree
    Salary (Monthly CNY)
    Negotiable
    Contract Type
    Full Time
  • Job Functions
    Information Technology
Role: Cybersecurity Splunk Consultant 
Duration: Full-Time
Pay Rate/Salary: Open
Location: Shanghai, China

Job Description
  • The Cybersecurity Splunk Consultant will work to leverage full utility of Splunk technology to monitor cybersecurity, protect IT infrastructure, and enable rapid containment and resolution to IT security incidents. Duties and responsibilities may also include
  • Implement the production of Splunk Ecosystem (Splunk Core, Splunk Enterprise Security), and feature the people, process, and tools that enable successful adoption assuring the solution is able to meet the objectives of the business.
  • Provide strategic support of Splunk integration and deployment, configuration and maintenance
  • Understand, interpret and develop content for SIEM products to meet internal and external customer requirements
  • Coordinate with other organizations (SOC/CSIRT) and assist with advanced issue resolution across the enterprise
  • Assist in the proper operation and performance of Splunk, Loggers and connectors and integration of data feeds (logs) into Splunk
  • Perform Content Development to properly identify data feeding SIEM’s and correlation of events.  
  • Develop filters to assist in the identification of significant events
  • Provide recommendations and implement changes to optimize Splunk products in the customer environment
  • Write and develop custom scripts, programs as needed

Basic Qualifications
  • 1-3 years of experience with Splunk Infrastructure administration
  • Associate of Science degree in Information Technology, IT Security, Network Systems Technology or related field or equivalent experience plus one (1) to three (3) years of directly related experience or any equivalent combination of education, experience, training and certifications.
  • Basic understanding of Information Security with relevant work experience and/or relevant education/certifications
  • Ability to speak English & Mandarin

Preferred Qualifications
  • Experience with Linux or Solaris Servers
  • Experience with SQL and/or Oracle Databases
  • Experience with or knowledge of SIEM Content Development
  • Experience with Scripting (Python, Ruby, PowerShell, Perl, etc.)
  • Technical writing experience
  • Experience with installation/deployment procedures
  • Experience with document requirements
  • Excellent verbal and written communication skills are preferred