Splunk Platform Support Engineer EMEA

PwC

  • Warszawa

    Warszawa, mazowieckie
  • ogłoszenie wygasło ponad miesiąc temu
  • umowa o pracę, kontrakt B2B
  • pełny etat
  • specjalista (Mid / Regular)
  • praca zdalna, praca hybrydowa
  • rekrutacja zdalna

Technologie, których używamy

Wymagane

  • Splunk

System operacyjny

Twój zakres obowiązków

  • Managing, Troubleshooting and deploying Global Splunk Enterprise (Distributed & Clustered) implementations in medium to large sized customers/territories

  • Monitor & Keep the Splunk Enterprise instances in good health to serve our customers with highest platform availability

  • Monitor & Manage Splunk Platform Incidents, Triage, Troubleshoot to fix them and escalate to different stakeholders to resolve the Splunk Incidents

  • Managing Splunk Access Roles & Administering Splunk App for Enterprise Security (ES) log management and SIEM solutions

  • Integrating Splunk with a wide variety of legacy data sources that use various protocols

  • Create parser/scripts for custom log source integration

  • Troubleshooting Splunk modules/app, Report filters & queries, Splunk Access Issues & also issues with log source integration

  • Consulting with customers to customize and configure Splunk in order to meet their requirements

  • Part of your occupation is the security perimeter enforcement, security logging and/or monitoring solutions, i.e. Palo Alto, Checkpoint, Juniper, Cisco, Blue Coat Websense, SNORT, SourceFire, RSA Netwitness, RSA Security Analytics, RSA enVision, RSA ECAT, EnCase Enterprise, FireEye, Firemon, Tufin, McAfee ePO, Bit 9, Avecto, Ionic, SolarWinds, Hadoop, Splunk and Google Analytics.

  • Have to create visualizations in Splunk and custom queries to improve views & dashboards

Nasze wymagania

  • Strong Working Knowledge on SIEM and Data Analytics SIEM Platform – SPLUNK

  • Strong understanding of Networking / Routing fundamentals, traffic and operating systems (Windows & Unix/Linux), TCP/IP, DNS, Firewalls, Security Proxies – CCNA level competence

  • Good knowledge in Linux/UNIX – Scripting, RegEx

  • Must have experience of developing custom SIEM parsers

  • Proficient with troubleshooting tools – Wireshark, TCPdump, Name lookup...etc

  • The candidate should have solid, hands-on (i.e. not just theoretical or training course-acquired) know-how and demonstrable ability in the areas of Splunk - i.e. Splunk ES App..etc (Splunk certifications is a plus)

  • Good hold in Security domain knowledge with use case development and its integration with SIEM

  • Must have enterprise deployment knowledge or hands-on experience of a SIEM – End to End : a) SIEM design b) Deployment c)Fine-Tuning & Troubleshooting d) Parser development

  • Strong written and verbal communication skills in English

  • Education Level: Engineering Bachelor or equivalents

  • Positive, “can-do” attitude towards colleagues, clients and problems alike

  • Keen to learn

  • Team Player

  • Inquisitive mind and capacity to delve into details

  • Work in an organized manner

Benefity

  • prywatna opieka medyczna

  • dofinansowanie szkoleń i kursów

  • ubezpieczenie na życie

  • opieka stomatologiczna

  • dodatkowe świadczenia socjalne

  • program rekomendacji pracowników

  • inicjatywy dobroczynne

Job Description & Summary

A strong team player who will be the part of the core Global team managing PwC Splunk infrastructure. Required: Knowledge of splunk or another SIEM platform, skills in Linux administration, basic networking skills, experience in troubleshooting, team player mentality, open to learn new technologies and to develop new skills.

The global splunk team - “Global Cyber & Enterprise Logging” - is organised in an Engineering team (members in Australia, US, CZ, DE, RO) responsible for engineering and adopting the global environment, the Platform support team (responsible to perform the daily operations of the environment) and a Customer Experience team (Onboarding of new devices/applications, creation of reports and dashboards for customers). Platform support and Customer experience teams are based in India.

To improve our customer service, we consider building up a new EMEA based operations team.