Security Operations Center (SOC) Specialist (Splunk)

Iran Kish Credit Card, Tehran

Posted 2 years ago

Job Description

● Monitor, review, and investigate events generated by the SIEM on a daily basis.
● Create trouble tickets for reported issues.
● Perform initial classification and severity labeling of each new incident.
● Develop and deploy IDS signatures based on various threats.
● Investigate triggered signatures from various security tools and appliances to identify threats and false positives.
● Recognize potential, successful, and unsuccessful intrusion attempts and perform careful analysis of relevant event detail and summary information.
● Write custom scripts to automate certain tasks.
● Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to information system components.
● Recommend appropriate remedial actions to mitigate identified security vulnerabilities.

Requirements

● 4 years of experience with Splunk Enterprise (Security); 6 years of experience with Linux and Windows operating systems.
● Deep knowledge of TCP/IP networking and the OSI model.
● Good understanding of database concepts.
● Knowledge of Python, regular expressions, and Bash scripting.
● Expert in installing and deploying Splunk Enterprise in a distributed, clustered configuration.
● Hands-on experience with Splunk Search Processing Language (SPL).
● Fully proficient in the concepts of Splunk add-ons and apps.
● Sufficient knowledge of working with Splunk Enterprise Security (ES).
● Sufficient experience working in a SOC.
● Knowledge of ethical hacking, incident response, threat intelligence, and threat hunting.

Employment Type

  • Full Time
