Splunk Enterprise Security Consultant

IT & Telecom
This assignment is no longer available.
Emagine are now looking for an ISRRP Splunk Enterprise Security Consultant for our Nordic banking client.
Start date: 2024-07-01
End date: 2024-12-31
Location: Stockholm
Would you like to join our client's Cyber Defence Centre in supporting the mission to protect the bank and its customers? We are looking for a seasoned Splunk Enterprise Security Consultant to help us improve our overall implementation and utilization of the Splunk Enterprise Security App. This position is based in Stockholm, Copenhagen, Oslo, Helsinki or Gdynia.

We know our customers’ needs are changing – and we’re deeply committed to meeting them with the financial solutions of tomorrow. We’re creating an agile environment where we’re harnessing the power of technology – one where you can make an impact. So bring your skills, ideas and unique background. With us, you’ll find plenty of opportunities to grow and make your mark on something bigger.

About this opportunity
Welcome to the Cyber Defence Centre. The unit has 3 tracks: Investigations, Intelligence and Data Analysis. It is a trusted and highly capable entity supporting Nholistically and collaborating externally in fighting cyber threats.
What you’ll be doing
Support the development and improvements of the Splunk Enterprise Security app implementation and utilization in the following areas:
• Data Model ingestion, architecture and best practices
• Risk-based alerting
• Custom event-based correlation searches
• Improve true positive detections and minimize false positives
• Utilization of Splunk curated detections
• Threat Intelligence workflows
• Threat Intelligence feeds and integration of Splunk ES with other security tools (TIP, SOAR, etc.)
• Security workflows
You will be joining a team that is spread across the Nordics and Poland and consists of highly and broadly experienced professionals.
Who you are

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.
To succeed in this role, you are someone with a technical background as well as an understanding of threat intelligence. The following experience and competencies are relevant to succeed in this role:
• 3 years of proven professional experience in administering, designing or utilizing the Splunk Enterprise Security app for effective detection, alerting and security workflows
• Certification as Splunk Enterprise Security Certified Admin or Splunk Certified Cybersecurity Defense Analyst is a huge plus
• Highly skilled in SPL queries, dashboards, alerts and various Splunk knowledge objects
• Experience in working with other security platforms and tools that can be integrated with Splunk such as Threat Intelligence Platform and SOAR
• Excellent written and verbal communication skills, fluent in English
• Ability to work independently and as part of a team
• You are open and easy-going, yet with a natural respect towards privacy and confidentiality.
• You are comfortable in a sometimes stressful and priority-driven environment.