PWC is seeking candidates for the post of Associate in Bangalore. Candidates with knowledge of SIEM and Data Analytics are preferred for this job. Engineering candidates who want to build their career at PWC can apply for this job after checking the eligibility criteria.
Roles and Responsibilities
- Managing, troubleshooting and deploying global Splunk Enterprise (distributed and clustered) implementations for medium to large-sized customers/territories.
- Monitoring the Splunk Enterprise instances and keeping them in good health to serve our customers with the highest platform availability.
- Monitoring and managing Splunk platform incidents: triaging and troubleshooting to fix them, and escalating to different stakeholders to resolve them, working in a 24/7 shift model.
- Managing Splunk access roles and administering the Splunk App for Enterprise Security (ES), log management and SIEM solutions.
- Integrating Splunk with a wide variety of legacy data sources that use various protocols.
- Creating parsers/scripts for custom log source integration.
- Troubleshooting Splunk modules/apps, report filters and queries, Splunk access issues, and issues with log source integration.
- Consulting with customers to customize and configure Splunk in order to meet their requirements.
- Part of the role involves security perimeter enforcement, security logging and/or monitoring solutions, i.e. Palo Alto, Checkpoint, Juniper, Cisco, Blue Coat, Websense, SNORT, Sourcefire, RSA Netwitness, RSA Security Analytics, RSA enVision, RSA ECAT, EnCase Enterprise, FireEye, Firemon, Tufin, McAfee ePO, Bit9, Avecto, Ionic, SolarWinds, Hadoop, Splunk and Google Analytics.
- Creating visualizations and custom queries in Splunk to improve views and dashboards.
Education and Experience
Minimum Education Level – Engineering Bachelor or equivalent
Experience – 2+ years of experience
- Strong working knowledge of SIEM and Data Analytics. SIEM platform – Splunk.
- Strong understanding of Networking / Routing fundamentals, traffic and operating systems (Windows & Unix/Linux), TCP/IP, DNS, Firewalls, Security Proxies – CCNA level competence.
- Good knowledge of Linux/UNIX – scripting, RegEx.
- Must have experience of developing custom SIEM parsers.
- Proficient with troubleshooting tools – Wireshark, tcpdump, name lookup, etc.
- The candidate should have solid, hands-on (i.e. not just theoretical or training course-acquired) know-how and demonstrable ability in the areas of Splunk, i.e. the Splunk ES App, etc. (Splunk certifications are a plus).
- Good command of security domain knowledge, with use case development and its integration with SIEM.
- Must have enterprise deployment knowledge or hands-on experience of a SIEM, end to end:
  - SIEM design
  - Deployment
  - Fine-tuning and troubleshooting
  - Parser development
- Strong written and verbal communication skills in English
Mandatory and Preferred Skill – Splunk administrator, SIEM, Splunk Integration, Forwarder Management
Location
Bangalore