Enable job alerts via email!
SPLUNK ENGINEER
QUESSCORP SINGAPORE PTE. LTD.
Singapore
On-site
SGD 70,000 - 90,000
Full time
Yesterday
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A technology firm in Singapore seeks a professional for SIEM Infrastructure administration. The successful candidate will be responsible for monitoring server performance, performing health checks, and managing data onboarding processes. Strong skills in Splunk, troubleshooting, and integrating various log sources are essential. The role involves documentation of standard operating procedures and the continuous finetuning of use cases. The ideal candidate should have relevant IT certifications and experience in cyber security.
Qualifications
- Experience in managing and optimizing SIEM infrastructures.
- Ability to integrate multiple log sources and perform compliance checks.
- Strong troubleshooting skills related to SIEM components.
Responsibilities
- Perform SIEM health checks and monitor server performance.
- Oversee data onboarding and ensure compliance.
- Develop new use cases while finetuning existing ones.
- Troubleshoot SIEM issues and liaise with IT support.
Skills
SIEM health check
Splunk configurations
Data Onboarding
Use case development
Troubleshooting
Education
Relevant IT or Cybersecurity certification
Tools
Splunk
Job description
SIEM Infrastructure administration
- Perform SIEM health check
- Monitor SIEM Server Storage, CPU and Memory Usage and perform necessary action.
- Perform SIEM version upgrade
- Update Splunk configurations based on security advisory
- SIEM Infra Tuning and Performance Optimization
- Monitor SIEM data sources proactively to identify issues in the environment (ex: Index Cluster / Search head cluster issues / etc)
SIEM Data onboarding
- Data Onboarding (Including first level assessment, UAT Testing before live)
- Integration numerous logs sources including servers (Windows & Linux), devices and security tools like NAC, PAM, NBAD, IPS DAM, DLP, AVetc.
- Data Parser and CIM Mapping Configuration
SIEM Use Case Development
- Finetuning existing use cases
- Build new use cases
SIEM Troubleshooting and Splunk servers reconciliation
- Troubleshoot, investigate and remediate identified SIEM issues
- Monitor and troubleshoot the servers that have stopped reporting
- Troubleshooting issues with search scheduler management
- Search head tuning and optimization, for missed searches, failed jobs and scheduling searches etc.
- Liaise with IT support groups & service providers to resolve outstanding issues such log onboarding (e.g. HF related issue – Coreteam, source related issue – Cyber team to coordinate)
- Reconcile Splunk servers periodically
SIEM Documentation
- Prepare/update SIEM tool SOPs
- Update Splunk built documents, whenever there are changes to Splunk deployment architecture
- Prepare/update Splunk guide for agent installations
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Michael Carter
I was stuck sending out resumes with no response until I used JobLeads. They made my resume impossible for recruiters to ignore.
Sophie Reynolds
JobLeads' resume review helped me fix critical mistakes, and I started getting interviews almost immediately!
Daniel Fischer
With JobLeads' resume review, my resume went from overlooked to interview-ready in no time!