Description:
We are looking for a Splunk Expert for the Lahore office (Onsite role).
ππ¨π ππ¨ππππ’π¨π§ (ππ§π¬π’ππ): NETSOL AvenueΨ Main Ghazi Rd, Lahore
ππ±π©ππ«π’ππ§ππ: 5+ years of experience in relevant fields (Splunk, SOC, and MSSP Services, etc.)
· Good knowledge of SIEM, and SIEM Architecture
· Deployment of Splunk (SIEM & SOAR) solutions
· Troubleshoot issues regarding SIEM and other SOC tools
· Data archive and backup as per compliance requirements
· Raising change management tickets for SOC Administration activities like Patch upgrades for SIEM, onboarding log sources, etc.
· Helping L2 and L1 with required knowledge base
· Coordination with L2 and SOC Monitoring team for troubleshooting issues and highlighting them for further resolution and escalation
· Troubleshooting at the device and connector/agent end to fix the anomaly reported by other teams and observed on a day-to-day basis
· Document incidents, and advisories and review if SLA has been met for Incident alerting and Incident closure
· Update and maintain SOC knowledge base for new security incidents and docs
· Creation of daily status report sheet and submission to SOC manager for review
· Review advisories and make necessary detection measures
· Provide analysis and trending of security log data from a large number of security devices
· Troubleshoot non-reporting devices fixing and maintaining device status
· Build a Parser for the QRadar using regex or other techniques
· Support and enhance event parsing, log collection, storage, automation and monitoring
· Ability to onboard cloud assets in Splunk
· Experience with SOAR workflow configurations and troubleshooting
Required skills and qualifications:
Organization | NETSOL Technologies Inc. |
Industry | Other Jobs Jobs |
Occupational Category | Splunk Expert |
Job Location | Lahore,Pakistan |
Shift Type | Morning |
Job Type | Full Time |
Gender | No Preference |
Career Level | Experienced Professional |
Experience | 5 Years |
Posted at | 2024-07-25 2:20 pm |
Expires on | 2025-01-21 |