Nair Systems
Nair Systems is currently looking for a Splunk SIEM Consultant for our Qatar operations with the following terms & conditions.
Ownership & execution of:
A. New Use Cases
• Validate new use case requests from Bank team; scope the use case
• Work with Bank team to understand requirement and identify log sources required
• Setup ingestion and parsing of new data sources.
• Scope and build the new use case
• Confirm acceptance on requirement from Bank
• Migrate use case to Production.
• Build relevant data model and optimise use.
• Publish and transition use case to Operations team.
B. Custom application integration
• Validate new application integration & relevant use case from Bank team.
• Define custom use case and required log sources and event type for ingestion.
• Setup ingestion and build customised parsing.
• Build and test custom use case.
• Confirm acceptance on requirement from Bank / iterate as needed.
• Migrate custom ingestion, parsing, and use case to production.
• Publish and transition to Operations team.
C. Additional Roles:
• Ensure support for integration of Splunk with other tools and solutions if needed.
• Single point of contact to the Bank’s stakeholders and OEM Platform Support Team
• Implement and execute change process for: Data model updates, changes to rules and use cases, changes to asset/user priority and severity and similar configurations.
• Improve threat hunting capabilities of the operations team with Splunk.
• Continuous improvement of operational SOPs and framework for analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology for threat detection and prediction capabilities and advanced use cases.
• Optimize performance and fine tune the configuration, rules, policies etc. on a continuous basis as per operations team feedback and incidents.
• Prepare a roadmap for product maturity and an enhancement plan, and ensure the recommended features are delivered within the agreed times.
• Represent Splunk SIEM Operations in meetings, discussions etc. to provide technology specific
Joining time frame: 2 weeks (maximum 1 month)
Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at [email protected]