Splunk Admin 4 to 9 Years Pan India - Bengaluru, India - Capgemini
Description
Roles and Responsibilities
- Review alerts triggered from insider risk, data loss and UEBA consoles and determine whether the risk is real or normal work.
- Perform ad hoc searches using Security Incident and Event Management (SIEM) (Splunk) dashboards
- Create/Maintain dashboards in Splunk for high level insights into the program.
- Create reports of insider risk and/or data loss incidents and present findings to management
- Provide feedback and suggestions on improving the analysis and rules used for user behavior analysis
- Identify gaps in information insights that may help with detecting and assessing insider concerns
- Help identify and obtain log information and other contextual data for use in insider threat detection and assessment
- Engage with end users/managers to investigate the alerts and educate them on the Data Protection Policy
Desired Characteristics/Technical Expertise:
- Experience in anomaly detection, data analytics, behavior analytics
- Training in Information Security-specific disciplines
- Strong Splunk experience in advanced reporting and alerting, queries, and data modeling
- IT Risk & Security background with scripting and coding skills
Primary Skills
- Splunk Administration/Development.
- Dashboard Management
- Security Incident and Event Management (SIEM)
Secondary Skills
- Good to have Splunk Certifications.