Splunk SIEM Engineer
Work from anywhere within Australia (preference: Sydney/Port Macquarie or Melbourne)
12-month contract position with a large utility company, with the possibility of extension
The daily rate for this position is $1175 including Superannuation
Key Responsibilities:
The Splunk SIEM Engineer will work with cross-functional teams in a clustered environment on data onboarding, CIM mapping and data quality maintenance; developing Splunk Enterprise Security (ES) use cases and writing correlation searches; implementing dashboards, reports and alerts; and optimising the performance of the Splunk platform.
- Develop and maintain Splunk Enterprise Security, including data models, correlation searches, notable events, and threat feeds.
- Collaborate with stakeholders to identify key data sources, events, and use cases to be monitored and analysed by the Splunk platform.
- Perform data onboarding and CIM mapping, and maintain data quality.
- Configure and manage Splunk deployment server, Cluster Manager, indexers, search heads, and forwarders to ensure optimal performance, availability, scalability, and reliability.
- Develop and maintain efficient Splunk searches, dashboards, reports, and alerts that provide insight into system and security events.
- Monitor and troubleshoot Splunk platform issues and implement corrective actions to ensure system availability and performance.
- Implement Splunk solutions that meet business requirements for monitoring, analysis, and reporting.
- Develop and maintain technical documentation and procedures related to Splunk platform administration and operations.
Requirements:
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- Minimum of 3-5 years of experience in implementing and managing Splunk solutions.
- Experience with Splunk Enterprise Security and Splunk UBA (User Behavior Analytics).
- Strong understanding of SPL, Splunk architecture, configuration, and administration.
- Experience with scripting languages such as Python, Bash, and PowerShell.
- Familiarity with a range of data sources and log formats, including syslog, Windows Event Log and Apache logs.
- Knowledge of security concepts and practices, including threat detection, incident response, and security monitoring is an advantage.
- Ability to work collaboratively with cross-functional teams and stakeholders.
- Splunk Certified Admin
- Splunk Certified Developer
- Splunk Certified Architect
How to apply:
Please apply using the link below or call Steve on 0480 047 903 for further details. Applications will close once a sufficient volume of applications has been received.
Adaps is an equal opportunity employer that actively embraces diversity in its workforce through accurate community representation of gender, culture, thought and work arrangements.