Splunk SIEM Consultant - IT Infrastructure

Job Description

- Focus on advance Splunk administration, configuration, and development efforts, with a goal towards enhancing and further refine Splunk infrastructure. - Design and customize complex search queries, Develop dashboards, data models, reports and optimize their performance - Working to onboard multiple data sources by parsing and normalizing the data by following best practices - Refine audit levels at log source and Splunk log ingest settings to maximize program capability to monitor for cybersecurity-relevant events - Administration of Splunk Deployments, help resolve issues with Indexing, Search and Forwarding Layers. - Standardize Splunk agent deployment, configuration, log aggregation, and maintenance across a variety of platforms to include UNIX, Windows, VMWare, and Data Storage environments. - Use case development leveraging all product features (trends, variables, hierarchical architectures, correlation and pattern discovery) - Provide comprehensive maintenance plans for change management review and approval. - Implement Complex Changes. - Creating Root Cause Analysis ( RCA). - Identifying areas of Service. - Improvement Program (SIP) for key clients and reducing incidents. - Recognizes successful intrusions and compromises through review and analysis of relevant event detail information.