4 Splunk Soar Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

6.0 - 8.0 years

0 Lacs

Mumbai, Maharashtra, India

On-site

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion; it's a place where you can grow, belong and thrive.

Your day at NTT DATA

The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required.

What You'll Be Doing

Key Responsibilities: Create and maintain security playbooks for automating incident response procedures. Analyze security incidents and determine automation opportunities. Continuously improve existing playbooks for efficiency and effectiveness. Conduct thorough testing and validation of playbooks to ensure accuracy. Develop integrations with various security tools, systems, and APIs. Map data flows between different systems and ensure data consistency. Create custom scripts and connectors to facilitate integrations. Implement robust error handling and troubleshooting mechanisms for integrations.

Academic Qualifications and Certifications: Bachelor's degree, Information Security, or a related field. 6+ years of experience. Relevant certifications: Splunk SOAR certified automation developer certification is a must.

Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and

Workplace type: On-site Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Posted 2 days ago

2.0 - 6.0 years

0 Lacs

Karnataka

On-site

At EY, you have the opportunity to shape a career tailored to your unique abilities, supported by a global network, inclusive environment, and cutting-edge technology to empower your growth. Your individuality and insights will contribute to EY's continuous improvement. Embrace this chance to craft an exceptional journey for yourself while contributing to a more productive working world for all. As a Senior in Cyber Managed Service - Threat Detection & Response focusing on Security Orchestration, Automation and Response (Splunk SOAR), your key capabilities include exceptional teamwork, a drive to combat cyber threats, and collaborating with customers to devise security automation strategies. You will work with the team to deliver innovative integrations and playbooks, ensuring practical solutions to customer challenges. Your responsibilities encompass the execution and upkeep of Splunk SOAR analytical processes, platform management, development of custom scripts and playbooks for task automation, and leveraging Python, REST API, JSON, and basic SQL. Your role involves utilizing Incident Response and Threat Intelligence tools, creating efficient Python-based Playbooks, and employing the Splunk SOAR platform for automation across various technologies. Collaboration with security operations teams, incident responders, and intelligence groups is crucial. Experience in security operations centers and familiarity with SIEM solutions like Splunk and Microsoft Sentinel is advantageous, as is knowledge of Splunk content development. You should be eager to learn new technologies, contribute to technical content development, and conceptualize automation for business workflows. Proficiency in network monitoring technologies and endpoint protection platforms is desired. Your ability to support production issues, engage with stakeholders, coordinate with vendors for incident closure, and develop remediation action plans is essential. 
Ideal qualifications include a minimum of 3+ years in cybersecurity with network architecture expertise, experience in deploying and integrating Splunk SOAR in enterprise environments, and familiarity with ServiceNow SOAR. Strong communication skills, network administration background, scripting proficiency, and a technical degree are required. Additionally, certifications in Splunk and core security disciplines are beneficial. Join EY in building a better working world, where diverse teams worldwide use data and technology to provide assurance and support client growth and transformation. Be a part of EY's mission to address complex global challenges through innovative solutions across assurance, consulting, law, strategy, tax, and transactions.

Posted 2 weeks ago

5.0 - 8.0 years

4 - 7 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Experience in SIEM SOAR implementation and administration. Experience in Playbook creation. Demonstrated proficiency in the daily monitoring of Information Security events, ensuring prompt detection and response to potential threats. Proficient in performing 24x7 monitoring of security logs, conducting detailed analysis and escalating detected events based on agreed runbooks and SLAs. Knowledgeable in malware analysis techniques, aiding in the identification and mitigation of malicious software. Experience in SIEM SOC operations for very large enterprises, ensuring security posture and compliance. Proficiency in reviewing security monitoring tool policies using a logical and security-focused approach, aligning them with the latest security concepts to enhance the overall security posture of the organization. Possess expertise in threat modeling and the development of use cases, enabling the creation of effective strategies for identifying and mitigating security threats. Proficient in working with SOAR tools, particularly XSOAR. Skilled in playbook development and integrating third-party solutions with SOAR. Experienced in security automation using scripting languages like Python and Shell. Hands-on experience in managing and maintaining the existing SOAR solution, ensuring its optimal performance and functionality. Successfully onboarded new customers to the platform, ensuring a smooth transition and adoption of the platform. Managed the entire customer onboarding process, starting from host building, firewall requests and tenant onboarding. Integrated third-party solutions with the SOAR platform, including SIEM, email and ITSM. Troubleshot errors related to playbook execution and third-party integrations, ensuring smooth operation of the SOAR system. Assisted in SOAR platform upgrades, including testing, deployment and configuration, to maintain up-to-date and secure infrastructure. Gathered playbook development requirements from customers or suggested new playbook development requirements to enhance the SOAR system's capabilities.

Posted 1 month ago

2.0 - 7.0 years

8 - 18 Lacs

Hyderabad, Bengaluru, Mumbai (All Areas)

Work from Office

Greetings! We are looking for a skilled Splunk Administrator with hands-on experience in deploying and managing Splunk Enterprise and Splunk Cloud. The ideal candidate should have experience in Splunk Enterprise Security (ES), Splunk UBA, and IT Service Intelligence (ITSI). This role requires strong technical skills, along with the ability to communicate effectively with customers.

Roles & Responsibilities:

Splunk Deployment & Administration: Install, configure, and manage Splunk Enterprise and Splunk Cloud. Handle indexers, search heads, forwarders, and clustering. Optimize Splunk performance, storage, and scalability.

Security & Splunk Monitoring Solutions: Implement and manage Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Configure correlation searches, threat intelligence feeds, risk-based alerting (RBA), and dashboards. Troubleshoot security-related issues within Splunk.

Customer Interaction & Troubleshooting: Engage with customers to understand their requirements and provide technical guidance. Troubleshoot and resolve Splunk-related issues, log ingestion, parsing, and data onboarding.

Splunk Architecture & Implementation: Design, deploy, and optimize Splunk Enterprise and Splunk Cloud environments. Lead end-to-end Splunk implementations, migrations, and upgrades. Manage search head clustering, indexer clustering, and data retention policies.

Security & Observability Solutions: Architect and configure Splunk Enterprise Security (ES), Splunk UBA, and ITSI. Implement risk-based alerting (RBA), custom correlation searches, and advanced analytics. Integrate Splunk with SOAR, cloud platforms (AWS, Azure, GCP), and third-party security tools.

Team Leadership & Customer Engagement: Lead and mentor a team of Splunk Administrators & Engineers. Interact with customers to gather requirements, design solutions, and conduct workshops etc. Review and improve Splunk use cases, dashboards, and data models.

Optimization & Automation: Develop custom scripts (Python, Bash, PowerShell) for automation and orchestration. Tune Splunk performance, search queries, and indexing strategies. Implement best practices for data onboarding, parsing, and CIM compliance.

Interested candidates can share their updated resume to gayathri.ramaraj@locuz.com along with the below mentioned details. Current CTC: Expected CTC: Notice Period:

Posted 1 month ago
