Splunk Expert
UST Global is seeking a Splunk Expert for a cyber security services and platform company whose mission is to help customers react faster and smarter, and stay ahead of security threats, by creating secure digital ecosystems.
Responsibilities:
• Understand customer requirements and recommend best practices related to the Splunk solution
• Offer consultative advice in security principles and best practices related to Splunk operations
• Develop new Splunk use cases, rules, correlations, and dashboards to meet the customer needs using SPL
• Design and document Splunk architectures to meet the customer needs.
• Assist the customer with Splunk sizing, architectures, and client technical meetings
• Deploy and configure Splunk platforms as per vendor guidelines and industry best practices
• Assist the client with technical guidance to configure in-scope end log sources to be logged to Splunk
• Verify log source data in Splunk following the Common Information Model (CIM)
• Document the build of the Splunk solution
Requirements:
• Experienced Enterprise Security Administrator (Clustered ES with Deployer)
• Experienced Linux administrator
• Hands-on experience with configuring Correlation Searches, Assets & Identities, Risk & Threat Intelligence
• Hands-on experience with data onboarding from on-prem and cloud-based sourcetypes
• Hands-on experience with data parsing and data models
• Hands-on experience with App/TA deployments on clustered search heads
• Knowledgeable in Use Case development workflows
• Experience in client-facing roles and service management
• Good written and spoken English
• MSSP/MSP experience is a bonus but not essential
We offer:
• Possibility to influence the development of the project
• Friendly professional staff and warm atmosphere
• Help with development via mentoring and coaching
• An environment where you can implement your ideas
• Flexible schedule and opportunities to work remotely (8-hour workday)
• Paid vacation and sick leave
• Participation in educational activities and thematic conferences
• Team parties and corporate events
The job ad is no longer active. Job unpublished on 13 April 2023.