The Role

Experience with Splunk ES involves using it as a SIEM to detect, investigate, and respond to security threats through features like incident investigation, 24/7 threat monitoring, automated response playbooks via Splunk SOAR, AI-powered agentic capabilities, and customizable analytics. Key aspects of this experience include data ingestion and correlation from diverse sources like firewalls and endpoints, building correlation searches, creating and assigning findings, and utilizing a unified workflow with features like response plans and case management to streamline SOC operations.

Should have experience in Splunk Enterprise skills, ITSI implementation, support of Splunk in a multi-site clustering environment, understanding of CIM and DMA, Red Hat, Windows.

Your responsibilities:

- Candidate must have excellent Splunk Enterprise 7/8.* and Splunk SOAR skills
- Good ITSI implementation skills
- Understanding of installation, management, and support of Splunk 7/*.* in a multi-site clustering environment
- Hands-on experience of security data source onboarding / parsing
- Development of security use cases using Splunk Enterprise, with a good understanding of CIM and DMA
- Practical experience in monitoring and tuning a Splunk environment to provide a high-availability service
- Demonstrate a good knowledge of Splunk apps and the way in which those apps interact with the underlying infrastructure
- Ownership of the deliveries for small to large Splunk onboarding projects
- Competent in the command-line and GUI interfaces of Splunk Enterprise / ITSI
- Good understanding of the security models and auditing policies of Splunk
- Ability to automate repetitive Splunk tasks to remove workload from the team
- Demonstrate knowledge of implementing and supporting Splunk as a shared service
- Red Hat, Windows

Your Profile

Essential skills/knowledge/experience:

- Candidate must have excellent Splunk Enterprise 7/8.* and Splunk SOAR skills
- Good ITSI implementation skills
- Understanding of installation, management, and support of Splunk 7/*.* in a multi-site clustering environment
- Hands-on experience of security data source onboarding / parsing
- Development of security use cases using Splunk Enterprise, with a good understanding of CIM and DMA
- Practical experience in monitoring and tuning a Splunk environment to provide a high-availability service
- Demonstrate a good knowledge of Splunk apps and the way in which those apps interact with the underlying infrastructure
- Ownership of the deliveries for small to large Splunk onboarding projects
- Competent in the command-line and GUI interfaces of Splunk Enterprise / ITSI
- Good understanding of the security models and auditing policies of Splunk
- Ability to automate repetitive Splunk tasks to remove workload from the team
- Demonstrate knowledge of implementing and supporting Splunk as a shared service
- Red Hat, Windows

Desirable skills/knowledge/experience:

- Candidate must have excellent Splunk Enterprise 7/8.* and Splunk SOAR skills
- Good ITSI implementation skills
- Understanding of installation, management, and support of Splunk 7/*.* in a multi-site clustering environment
- Hands-on experience of security data source onboarding / parsing
- Development of security use cases using Splunk Enterprise, with a good understanding of CIM and DMA
- Practical experience in monitoring and tuning a Splunk environment to provide a high-availability service
- Demonstrate a good knowledge of Splunk apps and the way in which those apps interact with the underlying infrastructure
- Ownership of the deliveries for small to large Splunk onboarding projects
- Competent in the command-line and GUI interfaces of Splunk Enterprise / ITSI
- Good understanding of the security models and auditing policies of Splunk
- Ability to automate repetitive Splunk tasks to remove workload from the team
- Demonstrate knowledge of implementing and supporting Splunk as a shared service
- Red Hat, Windows