60 Splunk Admin Jobs

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsSIEM,Data Ingestion,data onboarding,Data Visualization,Dashboarding,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsSplunk ITSI Implementation,SIEM Development,data onboarding,Visualization,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.KeywordsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*Mandatory Key SkillsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*

Key Responsibilities:Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation.SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis.Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language).Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.KeywordsDashboard,Data Visualization,Splunk SPL,Data Ingestion,Splunk SIEM solutions,IT Service Intelligence,Splunk ITSI Implementation*Mandatory Key SkillsDashboard,Data Visualization,Splunk SPL,Data Ingestion,Splunk SIEM solutions,IT Service Intelligence,Splunk ITSI Implementation*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure.KeywordsSIEM,Data Ingestion,data onboarding,Data Visualization,Dashboarding,Splunk*Mandatory Key SkillsSIEM,Data Ingestion,data onboarding,Data Visualization,Dashboarding,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key Skills IT Service Intelligence,Data Ingestion,Splunk SPL,Splunk SIEM,SIEM Development,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsIT Service Intelligence,Data Ingestion,Splunk SPL,Splunk SIEM,SIEM Development,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsITSI,SIEM,SIEM Development,Splunk SPL,Splunk ITSI Implementation,Splunk*

Key Responsibilities: Splunk ITSI Implementation: Develop and configure IT Service Intelligence (ITSI) modules, including KPI creation, service trees, and notable event aggregation. SIEM Development: Design, implement, and optimize Splunk SIEM solutions for threat detection, security monitoring, and log analysis. Dashboard & Visualization: Create advanced dashboards, reports, and visualizations using Splunk SPL (Search Processing Language). Data Ingestion & Parsing: Develop data onboarding, parsing, and field extractions from various log sources, including cloud and on-prem infrastructure. Mandatory Key SkillsSplunk ITSI Implementation,IT Service Intelligence,SIEM Development,Search Processing Language,Data Ingestion,Splunk*

About The Role Project Role : Application Lead Project Role Description : Lead the effort to design, build and configure applications, acting as the primary point of contact. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Lead, you will lead the effort to design, build, and configure applications, acting as the primary point of contact. Your typical day will involve collaborating with various teams to ensure that application requirements are met, overseeing the development process, and providing guidance to team members. You will also engage in problem-solving activities, ensuring that the applications are functioning optimally and meeting the needs of the organization. Your role will require you to stay updated with the latest technologies and methodologies to enhance application performance and security. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate knowledge sharing sessions to enhance team capabilities.- Monitor project progress and ensure timely delivery of application features. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).- Strong understanding of application design and architecture principles.- Experience with incident response and security monitoring.- Familiarity with compliance frameworks and security best practices.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 5 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Technology Support Engineer Project Role Description : Resolve incidents and problems across multiple business system components and ensure operational stability. Create and implement Requests for Change (RFC) and update knowledge base articles to support effective troubleshooting. Collaborate with vendors and help service management teams with issue analysis and resolution. Must have skills : Splunk Administration Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Technology Support Engineer, you will engage in resolving incidents and problems across various business system components, ensuring operational stability. Your typical day will involve collaborating with different teams, implementing Requests for Change, and updating knowledge base articles to enhance troubleshooting effectiveness. You will also work closely with vendors and service management teams to analyze and resolve issues, contributing to a seamless operational environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions for junior team members to enhance their skills.- Monitor system performance and proactively identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Administration.- Strong understanding of incident management processes.- Experience with system monitoring and performance tuning.- Familiarity with change management practices.- Ability to create and maintain technical documentation. Additional Information:- The candidate should have minimum 5 years of experience in Splunk Administration.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Educational Requirements MCA,MTech,Master of Business Administration,Bachelor of Engineering,BCA,BTech Service Line Cloud & Infrastructure Services Responsibilities As Tools SME Tools in SolarWinds/Splunk/Dynatrace/Devpops tool will work on Design, Setup and Configuration of Observability Platforms with Correlation, Anomaly Detection, Visualization and Dashboards, AI ops, Devops, Tool Integration : Collaborate with DevOps architects, development teams, and operations teams to understand their tool requirements and identify opportunities for optimizing the DevOps toolchain. Evaluate and recommend new tools and technologies that can enhance our DevOps capabilities context, considering factors like cost, integration, and local support. Lead the implementation, configuration, and integration of various DevOps tools, including CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps), infrastructure-as-code (IaC) tools (e.g., Terraform, Ansible), containerization and orchestration tools (e.g., Docker, Kubernetes), monitoring and logging tools (e.g., Prometheus, Grafana, ELK stack), and testing framework Establish standards and best practices for the usage and management of the DevOps toolset Ensure the availability, performance, and stability of the DevOps toolchain Perform regular maintenance tasks, including upgrades, patching, and backups of the DevOps tools. Provide technical support and troubleshooting assistance to development and operations teams regarding the usage of the DevOps tools. Monitor the health and performance of the toolset and implement proactive measures to prevent issues. Design and implement integrations between different tools in the DevOps pipeline to create seamless and automated workflows Develop automation scripts and utilities to streamline tool provisioning, configuration, and management within the environment. Work with development teams to integrate testing and security tools into the CI/CD pipeline. Additional Responsibilities: Besides the professional qualifications of the candidates, we place great importance in addition to various forms personality profile. These include: High analytical skills A high degree of initiative and flexibility High customer orientation High quality awareness Excellent verbal and written communication skills Technical and Professional Requirements: At least 6+ years of experience in Solarwinds or Splunk or Dynatrace or Devlops Toolset Proven experience with several key DevOps tools, including CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps), IaC tools (e.g., Terraform, Ansible), containerization (Docker, Kubernetes), and monitoring tools (e.g., Prometheus, Grafana, ELK stack). Good level knowledge of Linux environment Good working knowledge on YAML and Python Good working knowledge in Event correlation and Observability Good Communication skills Good analytical and problem-solving skills Preferred Skills: Technology->Infra_ToolAdministration-Others->Solarwinds Technology->Infra_ToolAdministration-Others->Splunk Admin Technology->DevOps->DevOps Architecture Consultancy Technology->Dynatrace->Digital Performance Management Tool

Greetings !! We are looking for a skilled Splunk Administrator with hands-on experience in deploying and managing Splunk Enterprise and Splunk Cloud. The ideal candidate should have experience in Splunk Enterprise Security (ES), Splunk UBA, and IT Service Intelligence (ITSI). This role requires strong technical skills, along with the ability to communicate effectively with customers. Roles & Responsibilities: Splunk Deployment & Administration: Install, configure, and manage Splunk Enterprise and Splunk Cloud. Handle indexers, search heads, forwarders, and clustering. Optimize Splunk performance, storage, and scalability. Security & Splunk Monitoring Solutions: Implement and manage Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Configure correlation searches, threat intelligence feeds, risk-based alerting (RBA), and dashboards. Troubleshoot security-related issues within Splunk. Customer Interaction & Troubleshooting: Engage with customers to understand their requirements and provide technical guidance. Troubleshoot and resolve Splunk-related issues, logs ingestion, parsing, and data onboarding. Splunk Architecture & Implementation: Design, deploy, and optimize Splunk Enterprise and Splunk Cloud environments. Lead end-to-end Splunk implementations, migrations, and upgrades. Manage search head clustering, indexer clustering, and data retention policies. Security & Observability Solutions: Architect and configure Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Implement risk-based alerting (RBA), custom correlation searches, and advanced analytics. Integrate Splunk with SOAR, cloud platforms (AWS, Azure, GCP), and third-party security tools. Team Leadership & Customer Engagement: Lead and mentor a team of Splunk Administrators & Engineers. Interact with customers to gather requirements, design solutions, and conduct workshops etc. Review and improve Splunk use cases, dashboards, and data models. Optimization & Automation: Develop custom scripts (Python, Bash, PowerShell) for automation and orchestration. Tune Splunk performance, search queries, and indexing strategies. Implement best practices for data onboarding, parsing, and CIM compliance. Interested can share their updated resume to gayathri.ramaraj@locuz.com along with the below mentioned details. Current CTC: Expected CTC: Notice Period:

Your Role Administer and develop solutions usingSplunkandSplunk Security Essentialsto support enterprise security monitoring and analytics. Design, implement, and maintain Splunk dashboards, alerts, and reports to provide actionable insights into security events. UtilizeUNIX shell scripting or Pythonto automate data ingestion, parsing, and enrichment processes. Lead and manage security-related projects from planning through execution, ensuring timely delivery and alignment with business goals. Collaborate with cross-functional teams to define requirements, manage risks, and ensure stakeholder satisfaction. Your Profile 5 to 10 yearsof experience in IT security with a strong focus onSplunk administration and development. Proficiency inSplunk Security Essentials, data onboarding, and custom dashboard creation. Strong scripting skills inUNIX shellorPythonfor automation and integration. Solid understanding ofAgile/Scrum methodologiesand project lifecycle management. Proven experience in leading cross-functional teams and managing complex security projects. What You Will Love Working at Capgemini Work on cutting-edge security analytics platforms likeSplunkin enterprise-scale environments. Lead impactful projects that enhance cybersecurity posture for global clients. Clear career progression paths from engineering to leadership and consulting roles. Collaborate with diverse teams in a supportive, inclusive, and innovation-driven culture. Gain exposure to modern security frameworks, automation tools, and real-time threat intelligence.

As an Infra Dev Specialist, you will play a crucial role in managing and optimizing our infrastructure systems. With a focus on Splunk Admin, SRE, Grafana, ELK, and Dynatrace AppMon, you will ensure seamless operations and enhance system performance. This hybrid role requires adaptability to rotational shifts, offering a dynamic work environment without travel obligations. Responsibilities Manage and optimize infrastructure systems to ensure seamless operations and enhance system performance. Implement and maintain Splunk Admin solutions to monitor and analyze system data effectively. Utilize SRE practices to improve system reliability and reduce downtime. Develop and maintain Grafana dashboards for real-time data visualization and monitoring. Administer ELK stack components to ensure efficient log management and analysis. Leverage Dynatrace AppMon for application performance monitoring and troubleshooting. Collaborate with cross-functional teams to identify and resolve infrastructure issues promptly. Conduct regular system audits to ensure compliance with industry standards and best practices. Provide technical support and guidance to team members on infrastructure-related matters. Participate in rotational shifts to ensure 24/7 infrastructure support and monitoring. Contribute to the development and implementation of infrastructure governance, risk, and compliance strategies. Stay updated with the latest industry trends and technologies to enhance infrastructure capabilities. Document infrastructure processes and procedures for knowledge sharing and continuity. Certifications Required : Splunk Certified Admin

As an Infra Dev Specialist, you will play a crucial role in managing and optimizing our infrastructure systems. With a focus on Splunk Admin, SRE, Grafana, ELK, and Dynatrace AppMon, you will ensure seamless operations and enhance system performance. This hybrid role requires adaptability to rotational shifts, offering a dynamic work environment without travel obligations. Responsibilities Manage and optimize infrastructure systems to ensure seamless operations and enhance system performance. Implement and maintain Splunk Admin solutions to monitor and analyze system data effectively. Utilize SRE practices to improve system reliability and reduce downtime. Develop and maintain Grafana dashboards for real-time data visualization and monitoring. Administer ELK stack components to ensure efficient log management and analysis. Leverage Dynatrace AppMon for application performance monitoring and troubleshooting. Collaborate with cross-functional teams to identify and resolve infrastructure issues promptly. Conduct regular system audits to ensure compliance with industry standards and best practices. Provide technical support and guidance to team members on infrastructure-related matters. Participate in rotational shifts to ensure 24/7 infrastructure support and monitoring. Contribute to the development and implementation of infrastructure governance, risk, and compliance strategies. Stay updated with the latest industry trends and technologies to enhance infrastructure capabilities. Document infrastructure processes and procedures for knowledge sharing and continuity. Certifications Required : Splunk Certified Admin

You have successfully completed the hiring process for the Splunk Admin position at our office in Chennai. As a Splunk Admin with 4+ years of relevant experience, your responsibilities will include administering Splunk and Splunk Apps, developing new or extending existing Apps for specialized functionality, onboarding various log sources, parsing logs, performing field extractions, and managing Splunk Migration. You will also be responsible for integrating Splunk with legacy data sources, customizing and configuring Splunk to meet customer requirements, training application and infrastructure teams on Splunk usage, and mentoring team members with less experience in Splunk-related activities. Furthermore, you will collaborate closely with Infrastructure, Application, Development, and Business or project teams to establish best practices for utilizing Splunk data and visualizations. Your role will involve engaging with application and infrastructure teams, communicating with customer stakeholders, and creating/maintaining documentation related to architecture, operational processes, and training material for Splunk. The required skills for the Splunk Admin position include expertise in Splunk Admin and Splunk Migration. Our hiring process consisted of screening (HR Round), Technical Round 1, Technical Round 2, and Final HR Round. Congratulations on securing this position and welcome to the team! Please feel free to reach out if you have any questions or require further information.,

This role involves the development and application of engineering practice and knowledge in designing, managing and improving the processes for Industrial operations, including procurement, supply chain and facilities engineering and maintenance of the facilities. Project and change management of industrial transformations are also included in this role. - Grade Specific Focus on Industrial Operations Engineering. Develops competency in own area of expertise. Shares expertise and provides guidance and support to others. Interprets clients needs. Completes own role independently or with minimum supervision. Identifies problems and relevant issues in straight forward situations and generates solutions. Contributes in teamwork and interacts with customers.

Role & responsibilities Overall experience of at least 3+ years as SIEM Splunk Enterprise Security administrator. Hands-on experience with Splunk enterprise security (SIEM), security tools and devices, operating systems, and/or networking devices desired. Proven skills and experience in Use case development, Log source integration, log source parsing. Experience working across diverse teams to facilitate solutions Demonstrates proven expertise as in administering Splunk Enterprise Security (SIEM) environment. Should have the following skills: Splunk Certified professional having at least Splunk Admin user certification level preferrable. Good experience in Splunk administration and troubleshooting Experience in integration of Splunk with log sources of different types including but not limited to security devices, network devices, web applications, custom applications and so on. Experience in tuning and troubleshooting Splunk premium apps like Enterprise Security, Phantom and UBA. Comfortable in writing regular expression to extract fields from custom log sources. Expertise in developing custom use cases using Splunk search language to correlate and alert on logs from multiple sources. Hands-on experience in creating dashboard and reports using SPL queries and XML. Good knowledge of information security and IT operations domain. Proficiency in client and server operating systems including Linux and Windows General networking and system troubleshooting skills (firewalls, routing, NAT, etc.) Ability to autonomously prioritize and successfully deliver across a portfolio of projects Good consulting skills with ability to manage client expectations Preferred candidate profile

Job Title: Splunk Architect Location: [Pan-India] Experience: 79 Years Job Type: [Full-Time / Hybrid] Department: IT / Infra / DevOps Job Summary: We are seeking a highly skilled and experienced Splunk Architect to lead the design, implementation, and optimization of our Splunk infrastructure. The ideal candidate will have a strong background in IT operations, security, and data analytics, with a proven track record of architecting and managing enterprise-level Splunk deployments. Key Responsibilities: Design and implement scalable and resilient Splunk architectures across enterprise environments. Lead the deployment, configuration, and maintenance of Splunk components (indexers, forwarders, search heads, deployment servers). Develop and maintain data ingestion pipelines, parsing, and normalization of logs from various sources. Create and manage Splunk dashboards, alerts, reports, and visualizations for IT operations and security use cases. Collaborate with security, DevOps, and infrastructure teams to ensure effective log management and monitoring. Optimize performance and troubleshoot issues within the Splunk environment. Ensure compliance with data governance and security policies. Provide mentorship and guidance to junior Splunk engineers and analysts. Stay updated with the latest Splunk features, apps, and industry best practices. Required Skills & Qualifications: 7–9 years of experience in Splunk architecture and administration. Strong expertise in Splunk Enterprise, Splunk Cloud. Experience with onboarding data sources, creating custom apps, and developing SPL queries. Proficiency n scripting languages (Python, Bash, PowerShell) for automation and integration. Familiarity with ITSI, and other Splunk premium apps is a plus. Splunk certifications (e.g., Splunk Certified Architect, Splunk Certified Admin) are highly desirable. Excellent problem-solving, communication, and documentation skills. Preferred Qualifications: Experience with cloud platforms (AWS, Azure, GCP) and containerized environments (Docker, Kubernetes). Understanding of networking, firewalls, and endpoint security. Exposure to other log management.

Your Role Administer and develop solutions usingSplunkandSplunk Security Essentialsto support enterprise security monitoring and analytics. Design, implement, and maintain Splunk dashboards, alerts, and reports to provide actionable insights into security events. UtilizeUNIX shell scripting or Pythonto automate data ingestion, parsing, and enrichment processes. Lead and manage security-related projects from planning through execution, ensuring timely delivery and alignment with business goals. Collaborate with cross-functional teams to define requirements, manage risks, and ensure stakeholder satisfaction. Your Profile 5 to 10 yearsof experience in IT security with a strong focus onSplunk administration and development. Proficiency inSplunk Security Essentials, data onboarding, and custom dashboard creation. Strong scripting skills inUNIX shellorPythonfor automation and integration. Solid understanding ofAgile/Scrum methodologiesand project lifecycle management. Proven experience in leading cross-functional teams and managing complex security projects. What You Will Love Working at Capgemini Work on cutting-edge security analytics platforms likeSplunkin enterprise-scale environments. Lead impactful projects that enhance cybersecurity posture for global clients. Clear career progression paths from engineering to leadership and consulting roles. Collaborate with diverse teams in a supportive, inclusive, and innovation-driven culture. Gain exposure to modern security frameworks, automation tools, and real-time threat intelligence.

Your role This position is responsible for administering the Splunk platforms for enterprise Security Information and Event Management (SIEM). The role involves working with asset owners to ensure the timely and efficient collection of computer security events and logs for the purpose of detecting and responding to information security incidents. Maintain all components of a distributed SPLUNK infrastructure including indexer clusters, search head clusters, and deployment servers. Provide overall management of the SPLUNK platform. Standardize SPLUNK forwarder deployment, configuration, and maintenance across Unix and Windows platforms. Troubleshoot SPLUNK server and forwarder problems and issues. Assist internal users in designing and maintaining production-quality dashboards. Monitor the SPLUNK infrastructure for capacity planning. Implement change requests and engineering tasks. Lead technical discussions in customer governance calls. Participate in technical audits. Identify opportunities for automation, standardization, and stabilization. Prepare/update/review run books, SOPs, and knowledge articles. Plan, prepare, and execute change processes and implementations. Perform OS-level performance monitoring and troubleshooting. Monitor and troubleshoot application and database layers (e.g., Apache, Tomcat, MySQL). Administer and maintain a 24/7 highly available Splunk environment. Work closely with clients, technicians, and managerial staff. Experience with Databricks, Kafka, and NiFi is an added advantage. Your profile Splunk Administrator with 4 to 8 years experience Dashboards, reports creation and Monitoring Experience with Splunk Phantom as well, would be given preference Work location Bengaluru,Mumbai,Pune & Hyderabad What Youll Love About Working Here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Meet the Team The Security Operations Center (SOC) Security Investigator is responsible for investigating and responding to security issues within customer environments. Cisco Managed Security Services is looking for a Security Investigator who can analyze security events generated from network analytics, endpoint protection, and other security suites to determine the severity and outcome of any threats detected. The Security Investigator will provide remediation actions to the client based on the impact of these threats up to and including taking proactive responses for high priority events. You must be able to accurately identify and prioritize events, translate technical solutions for an audience of varying technical knowledge, and make customer impacting recommendations with the goal of ensuring customer satisfaction. l> Your Impact Take ownership of and conduct in-depth investigations into security events Document security investigations in a clear and concise manner Ensure that incoming client requests are addressed and worked in a timely manner Assist clients to address security incidents in an expedited manner Proactively hunt for suspicious or malicious activity not detected via automated alerts Work as a member of a team to prioritize incoming automated security events based on the impact and urgency of the events Provide knowledge sharing with the rest of the team Utilize threat intelligence to enrich and qualify security events Maintain knowledge of new tactics, techniques and procedures (TTP) in customer verticals Identify processes and procedures that are candidates for automation Minimum Qualifications Relevant degree in a technical field (Computer Science / Computer Engineering / Cybersecurity / Computer Networking) or related discipline with 9+ years equivalent experience Familiarity with incident handling, incident response frameworks, guidelines, and best practices (NIST, ISO, etc.) Passion for IT Security and staying up-to-date with current TTP's Experience with threat intelligence and open source threat intelligence Knowledge of enterprise network and computer environments and the common protocols and applications in these environments Preferred Qualifications Suggested certifications (OSCP,Sec+, CCIE - Security , CySA+,CCNA CyberOps, GCIH, GCIA, GCFA, GCFE, CEH) Working knowledge of Splunk admin and play book tuning Familiarity with MITRE ATT&CK framework Experience with a scripting/automation language (Python, BASH)

Role Purpose The purpose of this role is to support delivery through development and deployment of tools. Extensive working knowledge of Splunk administrator and various components (indexer, forwarder, search head, deployment server), as Splunk system administrator. Setting up Splunk Forwarding for new application tiers introduced into the environment. Identifying bad searches/dashboards and partnering with the creators to improve performance. Troubleshooting Splunk performance issues / Opening support cases with Splunk. Monitor the Splunk infrastructure for capacity planning and optimization.. Experience with any Observability tools such as Grafana, Prometheus and also tenants of Observability (Monitoring, Logging and/or tracing) is a plus. Experience with any programming language: Java/GoLang/Python is a plus. Experience working with Linux environment and Unix scripting. Experience with CI/CD: pipeline management with GitHub, Ansible is a plus. Installing, configuration and managing of datadog tool. Creating alerts,dashboards and other metrics in datadog Mandatory Skills: Splunk AIOPS. Experience:5-8 Years.

Project description We have a strong partnership with the leading bank in Australia across Treasury, Core Banking, and Technical Services offerings. Our purpose is to shape a world where people and communities thrive. That's why we strive to create a balanced, sustainable economy in which everyone can take part and build a better life. By helping people make the most of what they have, we transform ideas, hard work, and ambition into reality. Career development means different things to different people. It may simply mean developing a skill, broadening your experience by moving sideways, or stretching yourself by moving to a different business. Responsibilities Splunk PEEP requires strong expertise in developing queries, dashboards, and Python scripting. Providing innovative thought process and challenging the status quo whilst understanding the regulatory requirements of the Bank, including a focus on automation and simplification. Comfortable building trusted and productive relationships across the organization with a strong ability to influence and succeed through collaboration. Proven ability to deliver in a complex and fast-paced environment. Competence in effective communication across a range of audiences. Ability to identify continuous improvement opportunities and propose solutions to simplify and automate existing processes. A strong work ethic with a focus on excellence and attention to detail. Must be self-initiating and self-managing. An appreciation and motivation to learn of all aspects of compliance and operational risk. Knowledge of LINUX and Python Skills Must have Overall 5 to 7 years of experience as a Splunk Developer and 4+ years in Python development Experience in UI development with strong knowledge of Splunk UI, SPL, Splunk Configuration, Splunk Integration, Splunk Setup, Splunk Upgrade Strong development experience in Python 3 Experience with Windows server environment Knowledge of LINUX and shell scripting Nice to have Good exposure to CI/CD Bamboo, git, etc. Experience with CI/CD/test automation toolkits. Strong analytical skills to diagnose problem statements, perform root cause analysis, propose and implement technical solutions, and test changes. Ability to work in a fast-paced Agile environment. Understanding of Financial Markets domain and financial Markets data such as Orders, Trades, Market data, etc. Knowledge of Regulatory & Compliance and trade surveillance functions is an advantage. Since Migration from Splunk 8 to 9, creating forwarders, Index and configuration, splunk programming languages knowledge in Python scripts for migarating from Version 2 to 3.