IT Security Specialist with expertise on Splunk Enterprise Security

Role and Mission Description

The consultant will verify the developed design and then install and configure a Splunk Enterprise Security environment for the SOC/SIEM. Sources of logs will be connected, Splunk Enterprise Security will be configured, and appropriate dashboards and reports will be created.

The mission includes, as soon as possible after the start of the mission:

verifying and possibly adjusting the developed design
installing and configuring Splunk Enterprise Security
configuring Security Enterprise Security
connecting log sources
filtering data from log sources
configuring RBA (Risk-Based Alerting) and creating advanced Splunk dashboards with accompanying SPL and reports.

The rest of the mission will consist of support and assistance in further development of the environment and addressing operational issues.

Security Agreement

Level 3 The company may have access to classified information in the authority's premises or in areas or premises designated by the authority.

Remote work

By agreement

Technical and professional capacity

Must-have requirements

The consultant must have 2 years of work experience with Splunk Enterprise environment.
The consultant must have 2 years of work experience in installing and configuring Splunk Enterprise Security.
The consultant must have 1 year of work experience in installing and configuring RBA (Risk-Based Alerting).
The consultant must have 2 years of work experience with Unix/Linux.
The consultant must have 1 year of work experience in connecting log sources, such as AD, firewalls, DNS, DHCP, web proxies, to Splunk.