Splunk Admin

Job Title: Splunk Admin
Location: Hartford, CT
Duration: Contract

Job Description: Understand the customer environment and create HLD for SIEM & SOAR implementation

• Work with cross functional teams in enabling & implementing Splunk SIEM solution & logingestion from the customer's Security Stack.
• Enable OOB & custom usecases per customer requirement.
• Good experience in Splunk Query language
• Identity & implement possible automation scenarios leveraging Splunk Phantom

.6. Responsible Security event triage and security incidents investigations, including support forforensics analysis
.7. Conduct proactive threat and compromise analysis by reviewing reports to understand threatcampaign(s) techniques, lateral movements, and extract indicators of compromise (IOCs).

• Lead the team with accountability to ensure overall delivery requirements are met
• Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance withindustry best practices to safeguard internal information systems and databases
• Analyze a variety of network and host-based security appliance logs determine the correctremediation actions and escalation paths for each incident.
• Ability to conduct packet analysis and articulate findings in order to fine-tune alerts
• Conduct advanced use case development leveraging all product features (trends + variables +hierarchal architectures, Pattern Discovery)
• Responsible for Security Incident Response and documentation of investigation reports
• Prioritize & determine events that are relevant for immediate action,
• Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used tosupport cyber security operations
• Serve as point of escalation for Level 1/2 analysts
• Tune the logging from all security appliances for relevant alerting levels
• Work closely with all Security Operations staff to ensure 24x7 availability.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.