Desired Skills and Experience
- Experience in Information Security, Risk Management, Infrastructure Security and Compliance
- Security device installations, configuration and troubleshooting (e.g., firewall, IDS, etc.)
- Hands-on experience supporting AWS and Azure assets, especially supporting Splunk deployments in AWS and Splunk ES as a service
- Experience deploying the different types of Splunk forwarders (universal and heavy) and Splunk apps
- Deep knowledge in AWS services and serverless architecture
- Expertise in UNIX, Linux, and Windows - able to tear down and rebuild a host system
- Experience with database installation and configuration is required; Oracle experience is a plus
- Exploit and detection analysis skills, including ability to analyze logs for useful information and patterns
- Install, configure, tune, and maintain the Splunk SIEM components
- Primary focus on content creation for advanced threat analysis (correlation rules, variables, trending, watch lists, etc.) over incoming data, and on self-monitoring of the SIEM itself
- Perform supporting tasks such as system hardening, high availability configurations, and developing backup strategies.
- Assist with the creation of detailed deployment plans, architectural drawings and operations manuals
- Assist with configuring event-source auditing and with integrating various security platforms, network devices and systems as log sources
- Expertise in writing regular expressions (regex), e.g. for field extraction and log parsing
- Good understanding of, and experience with, infrastructure security, risk assessment and Security Information and Event Management (SIEM), including how infrastructure security decisions affect security operations, vulnerability management, reporting, analytics and monitoring
- Experience working in a diverse, virtual (distributed) team environment
- Administrative tool development and maintenance
- Certifications such as CISSP, ITIL, CISA, CISM and GIAC GCIA are desirable
- Advanced certification from a SIEM vendor on products such as HP ArcSight or RSA enVision is desirable