emagine is looking for a Splunk Enterprise Security Consultant.

Description

• Data Model ingestion, architecture and best practices
• Risk-based alerting
• Custom event-based correlation searches
• Improve true positive detections and minimize false positives
• Utilization of Splunk curated detections
• Threat Intelligence workflows
• Threat Intelligence feeds and integration of Splunk ES with other security tools (TIP, SOAR, etc.)
• Security workflows

Must-have skills:
• 3 years of proven professional experience in administering, designing or utilizing the Splunk Enterprise Security app for effective detection, alerting and security workflows
• Certification as Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Analyst is a huge plus
• Highly skilled in SPL queries, dashboards, alerts and various Splunk knowledge objects
• Experience in working with other security platforms and tools that can be integrated with Splunk such as Threat Intelligence Platform and SOAR
• Excellent written and verbal communication skills, fluent in English
• Ability to work independently and as part of a team
• You are open and easy-going, yet with a natural respect towards privacy and confidentiality.
• You are comfortable in a sometimes stressful and priority-driven environment.

Start date: 1st of July.

End date: End of the year.

Allocation: Full-time, Time & Material.

Location: Taastrup, Hybrid.