GMS-Senior-Technology Specialist-Splunk SIEM TechOps

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

CMSTDR Senior (TechOps)

KEY Capabilities :

• Experience in working with Splunk Enterprise Splunk Enterprise Security & Splunk UEBA
• Minimum of Splunk Power User Certification
• Good knowledge in programming or Scripting languages such as Python (preferred) JavaScript (preferred) Bash PowerShell Bash etc.
• Perform remote and on-site gap assessment of the SIEM solution.
• Define evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations
• Conduct interview with stakeholders review documents (SOPs Architecture diagrams etc.)
• Evaluate SIEM based on the defined criteria and prepare audit reports
• Good experience in providing consulting to customers during the testing evaluation pilot production and training phases to ensure a successful deployment.
• Understand customer requirements and recommend best practices for SIEM solutions.
• Offer consultative advice in security principles and best practices related to SIEM operations
• Design and document a SIEM solution to meet the customer needs
• Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers
• Verification of data of log sources in the SIEM following the Common Information Model (CIM)
• Experience in parsing and masking of data prior to ingestion in SIEM
• Provide support for the data collection processing analysis and operational reporting systems including planning installation configuration testing troubleshooting and problem resolution
• Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources
• Assist client with technical guidance to configure end log sources (in-scope) to be integrated to the SIEM
• Experience in handling big data integration via Splunk
• Expertise in SIEM content development which includes developing process for automated security event monitoring and alerting along with corresponding event response plans for systems
• Hands-on experience in development and customization of Splunk Apps & Add-Ons
• Builds advanced visualizations (Interactive Drilldown Glass tables etc.)
• Build and integrate contextual data into notable events
• Experience in creating use cases under Cyber kill chain and MITRE attack framework
• Capability in developing advanced dashboards (with CSS JavaScript HTML XML) and reports that can provide near real time visibility into the performance of client applications.
• Experience in installation configuration and usage of premium Splunk Apps and Add-ons such as ES App UEBA ITSI etc
• Sound knowledge in configuration of Alerts and Reports.
• Good exposure in automatic lookup data models and creating complex SPL queries.
• Create modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement
• Work with the client SPOC to for correlation rule tuning (as per use case management life cycle) incident classification and prioritization recommendations
• Experience in creating custom commands custom alert action adaptive response actions etc.

Qualification & experience :

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.

Required Experience :

Senior IC

Key Skills

Computer Hardware,IT Experience,Network Administration,Network Support,LAN,Computer Networking,Computer Skills,Windows,Sharepoint,Teaching,Operating Systems,Leadership Experience

Employment Type : Full Time

Experience : years

Vacancy : 1