Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey.
Are you looking to make an impact? The work you’ll do will directly impact the experience of our customers. We bring standard methodologies out to the world to make people happier with our software, and just as importantly, we bring the world's needs and wants back to Splunk to make our software better. And we get the chance to see firsthand the extraordinary things that our customers and partners do with Splunk.
As a Professional Services Consultant, you will fuel solutions to ensure enterprise deployments make the deepest impact possible across an organization. You'll solve organizations’ most challenging problems, including the ones they didn't know existed. Splunkers are self-motivated and have an insatiable thirst to learn disruptive technologies and thrive in a rapidly changing environment. As a successful Splunk Consultant, you will be adept at mastering new technologies and come from a variety of business, analytic and technology backgrounds. Are you up for the challenge?
- Integrate respective solution / technology with every other solution / technology deployed in the SOC setup
- Automation of all L1 & L2 activities within SOC
- Collaborate closely with Technical Account Manager (TAM) and engineering division of Splunk for early resolution to the product level cases, vulnerabilities, bugs, features enhancement, patches, versions etc.
- Single point of contact to the customer’s stakeholders with Splunk
- Maintain the suitable architecture of the technology solution
- Perform threat modelling of the Bank’s assets and accordingly define the necessary use cases
- Execute major changes without any disruption or adverse impact.
- Continuously deliver the value of the solution to the Bank in terms of detecting all kinds of threats, accuracy of detection, value-added use cases, content development, etc.
- Improvise threat hunting capabilities of the technology
- Continuous development of analytical, statistical and mathematical models leveraging the AI/ML capabilities of the technology for threat detection and prediction, and putting advanced use cases in place
- Continuous fine tuning of configuration, rules, policies etc.
- Continuous innovation and automation in intuitive dashboards, reports and queries.
- Optimization of response time to fetch data, logs in advanced queries, reports, dashboards, etc.
- Closely collaborate with the onsite Inspira team and other SOC OEMs to leverage each technology’s capabilities to develop inter-SOC and inter-IT Infrastructure technologies & services, logs, data ingestion, correlation, alerting etc. and automation
- Threat Intel feed analysis: provide appropriate recommendations and define use cases to detect the threats according to the information provided in Threat Intel
- Troubleshooting the technology level issues to ensure uptime, health, efficiency and optimal utilization of the technology without WebEx / RDP / SSH / remote system level support from offsite subject matter experts.
- Close the vulnerabilities, apply security & enhancement patches, upgrade versions.
- Ensure DC & DR setups are in sync on real-time basis in every manner.
- Participate in DR, cyber, tabletop drills etc.
- Responsible for ensuring end to end tight integration of the Bank’s IT Assets, other SOC solutions, Applications etc.
- Provide management reports on the respective solution’s effectiveness
- Provide necessary support during the Forensics investigation and threat hunting
- Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly.
- Prepare a road map for product maturity and an enhancements plan, and ensure the recommended features are delivered within the agreed times.
- Provide on the job training to the officials of the Bank and bidder through structured and unstructured methods. Assess job knowledge of officials.
- Participate in meetings, discussions etc. to provide technology specific perspective. Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc.
- Work at SOC as per Bank’s working calendar & hours and on holidays if situation demands.
- The above is an illustrative list of general activities. Technology-specific activities shall be arrived at in consultation with the Project Manager of the bidder and / or TAM of Splunk.
Experience: Minimum 5 years in information security & Security Operations (SOC) domain
B.E. (IT/Comps/ECE/EXTC), B. Tech., BSC-IT, MCA, BCA or related field
Splunk Certifications: Splunk power user or Splunk admin
Security Certification: CEH/CHFI/GSEC/GMON/ITIL or equivalent
Additional Certification: CISA/CISSP/OSCP/GPYC/GREM, etc.
Location: Mumbai, onsite at customer site
We value diversity, equity, and inclusion at Splunk and are an equal employment opportunity employer. Qualified applicants receive consideration for employment without regard to race, religion, color, national origin, ancestry, sex, gender, gender identity, gender expression, sexual orientation, marital status, age, physical or mental disability or medical condition, genetic information, veteran status, or any other consideration made unlawful by federal, state, or local laws. We consider qualified applicants with criminal histories, consistent with legal requirements.