Splunk Practitioner
Company: Tata Consultancy Services
Location: Bloomfield, CT 06002
Description:
Must Have Technical/Functional Skills
Splunk Architect or Admin Experience
Splunk Enterprise Security administration
Design of Splunk Single Site or Multi-site distributed deployment or Splunk Cloud Administration
Splunk Software Upgrade and management of HF and UF
Splunk TA-addon, Search Apps deployment
Experience writing cyber security correlation rules in Splunk SPL
Create Splunk dashboards, write Splunk searches, and create search alerts; familiarity with Splunk search functions
Should have experience in Cyber Security
Splunk Data Model (CIM) development
Splunk field extractions and regular expressions
Splunk knowledge objects development, event types, macro creation
Splunk data onboarding experience for security devices, OS platforms, application logs, DB audit trail logs, and custom add-on creation
Create Splunk deployment server apps and deploy apps
Splunk TA add-on installation; create parsing rules and transform rules
Splunk Enterprise Security experience preferred
Splunk DB connect app Management and troubleshooting
Splunk HF/UF and HEC management
Syslog-NG or rsyslog configuration management
Splunk Workflow actions creation management
Roles & Responsibilities
Designs and optimizes Splunk implementation, development, and deployment of custom, Splunk, Premium and Free Apps and platform architecture for large-scale and distributed deployments
Establishes best practices and development standards, and ensures that the team adopts them for Splunk deployment
Maintains a close partnership with Splunk on feature requests, upgrade planning, and product roadmap alignment
Use Splunk as the primary security platform for your work
Propose innovative use cases for security and compliance, create rapid prototypes, and implement and map the MITRE framework
Design and implement dashboards and reports.
Manage data onboarding and defining configurations
Performs data interpretation, classification, and enrichment
Manages knowledge objects (fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, and so on)
Configures summary-based reports and data model acceleration
Develops and maintains system, process, training, and documentation for the platform, operations, and monitoring components of the solution.
Works cross-functionally to analyze and resolve systems problems.
Provides functional backup for the operation of system tools/utilities platforms outside the incumbent's primary system responsibilities as required.
Strong understanding of the MITRE framework and other threat modelling frameworks
Work in an Agile-based model with aggressive delivery timelines
Generic Managerial Skills, if any
Exposure to programming in one or more modern languages (Python, JavaScript, PowerShell)
Expertise in data visualization.
Familiarity with engineering concepts is a must: system integration, technical architecture, business intelligence, infrastructure, technology research, new technology development, etc.
Experience implementing and/or consulting on DevOps principles.
Hands-on experience with continuous delivery pipelines, testing strategies, and quality validation.
Out-of-the-box thinker driven to lower costs using conventional/non-conventional solutions.
Excellent time management and organizational skills.
Project Management activities
Analyze security events and alerts to identify potential threats and anomalies.
Proficiency in a scripting language (e.g., Python, PowerShell) for automation and integration tasks
Strong analytical and problem-solving skills with attention to detail
Certifications and Trainings
Splunk Admin Certification or Architect certification desired
Splunk Cloud Administration desired
Splunk Enterprise Security Admin
Splunk Core Certified Power user
Splunk Troubleshooting
Splunk Architecting and Deployment
Splunk Knowledge Manager and Search expert level trainings
Salary Range: $130,000-$160,000 a year
TCS Employee Benefits Summary:
Discretionary Annual Incentive.
Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.
Family Support: Maternal & Parental Leaves.
Insurance Options: Auto & Home Insurance, Identity Theft Protection.
Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement.
Time Off: Vacation, Time Off, Sick Leave & Holidays.
Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.