Career Opportunity

SOC/SIEM Engineer – Splunk
Employment Type

Full Time

Principal Duties & Responsibilities

  1. The selected candidate will be part of a distributed SOC team and will be deployed on a customer site. He/She will be responsible for configuring the collection, parsing, correlation, and visualization of events for IT systems (firewalls, Windows/*NIX servers, routers/switches, cloud solutions, etc.).
  2. She/he will demonstrate strong skills in system administration, log management, event correlation, and threat detection, and will be responsible for building and maintaining use cases that detect suspicious behaviors and trigger alerts for monitoring, and for tuning those use cases to address and respond to false positives.
  3. The successful candidate will be responsible for onboarding new data sources into Splunk, building dashboards that highlight the key trends in the data, supporting analysis of the data for anomalies, and collecting and extracting data used to refine existing and new reports, analytics, and dashboards.
  4. He/She will be involved in drafting and creating reports and dashboards based on customer requirements. The successful candidate will participate in and support the investigation and analysis of detected suspicious behaviors. She/he will also act as the technical focal point for the customer.

Education, Experience & Skills

  1. Bachelor’s degree in computer science, computing, informatics, or engineering.
  2. Splunk certified is preferred.
  3. 3+ years of cyber security experience. SOC experience is preferred. Experience and talent in data visualization.
  4. Experience creating workflows for Incident Response within a SIEM Tool.
  5. Experience in design, implementation, and support of Splunk core components, including indexers, forwarders, search heads, and cluster managers.
  6. Experience with configuration and administration of Splunk ingestion and forwarding for new and existing applications and data.
  7. Experience with troubleshooting Splunk dataflow issues between the various Splunk core components.
  8. Experience configuring and deploying data collection for a variety of operating systems and networking platforms.
  9. Experience creating Dashboards and Analytics within SIEM tools.
  10. Experience creating and tuning use cases to address monitoring systems supporting auditing, incident response, and system health.
  11. Understanding of networking components and devices, ports, protocols, and basic networking troubleshooting steps.
  12. The ability to troubleshoot issues with log feeds, search time, and field extractions.
  13. The ability to troubleshoot problems related to data sources.
