Splunk Phantom Expert - Sydney

Company: Doublu
Location: Sydney, Australia
Allows working from home: Yes
JOB DESCRIPTION
Requirements:


Candidate must have 10+ years in the security space performing work within Splunk ES and administering Splunk Phantom, 5+ years of

Must have the following, as the role requires the resource to be creating Phantom Playbooks for Splunk ES:
1. Splunk Enterprise Security Certified Admin
2. Splunk Phantom Certified Admin
   a. Old Splunk 6.x certifications can be considered, but these would already be expired

Important skills for the SPLUNK Admin role:
- Completed the following training modules
- Splunk Fundamentals 1
- Splunk Fundamentals 2
- Splunk Enterprise System Administration
- Splunk Enterprise Data Administration (optional but will be an advantage)
- Troubleshooting Splunk
- Cluster Administration
- Implementing Splunk SmartStore
- Splunk Workload Management
- Working with Metrics in Splunk
- 4 years hands-on experience as a SPLUNK Administrator in a clustered environment.



Responsibilities:

- Splunk Enterprise Security Certified Admin
- Splunk Phantom Certified Admin

The Scope of Work includes:
- Automate security incident systems to reduce Mean Time To Resolve (MTTR) security incidents. Security incident staff have more incidents than can be handled effectively, requiring investment in automation to improve the incident response times and the total per-day incident throughput. This resource will assist by:
  - Automated ticket handling so that more tickets are processed automatically, avoiding the need for handling by incident response staff.
  - Automation of manual tasks including raising ITAM tickets, and notifying system owners of denial of service incidents, reducing manual workload by 15 minutes per ticket requiring these actions.
  - Enrichment of incident tickets so that incident responders have more information already populated in each ticket, reducing the need to log in to other systems as part of their workflow.



Benefits:
- Bonus: Certified SPLUNK Admin or SPLUNK Architect
- Bonus: Splunk ITSI Experience





JOB TYPE
Work Day: Full Time
Employment type: Permanent Job
Salary: Negotiable
Positions available: 5


JOB REQUIREMENTS
Minimal experience: No experience
Gender: Indistinct


