Enterprise Security Analyst (Splunk)

April 4, 2024

  • Full Time
  • Stockholm
  • Considering only candidates who are in Sweden or elsewhere in Europe and willing to relocate

Our client is looking for a seasoned Splunk Enterprise Security Consultant to help them improve their overall implementation and utilization of the Splunk Enterprise Security App.

Assignment Description
  • Data Model ingestion, architecture and best practices.
  • Risk-based alerting.
  • Custom event based correlation searches.
  • Improve true positive detections and minimize false positives.
  • Utilization of Splunk curated detections.
  • Threat Intelligence workflows.
  • Threat Intelligence feeds and integration of Splunk ES with other security tools (TIP, SOAR, etc.).
  • Security workflows.

Technical Skills

  • Proven professional experience in administering, designing or utilizing Splunk Enterprise Security app for effective detection, alerting and security workflows.
  • Certification as a Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Analyst is a huge plus.
  • Highly skilled in SPL queries, dashboards, alerts and various Splunk knowledge objects.
  • Experience working with other security platforms and tools that can be integrated with Splunk, such as a Threat Intelligence Platform (TIP) and SOAR.
  • Ability to work independently and as part of a team.
  • You are open and easy-going, yet with a natural respect towards privacy and confidentiality.
  • You are comfortable in a sometimes stressful and priority-driven environment.