Key Responsibilities:

• Implement, manage, and optimize SIEM platforms such as Splunk and ELK Stack
• Configure and maintain clustering for Splunk and ELK Stack environments to ensure scalability, high availability, and fault tolerance.
• Collaborate with cybersecurity teams to design and develop security monitoring solutions, including custom log parsers, dashboards, and alerting.
• Configure and maintain data sources for SIEM systems (e.g., firewall, endpoint, and server logs).
• Create and fine-tune security rules and correlation searches in Splunk and ELK for improved threat detection.
• Provide expertise in troubleshooting and resolving SIEM-related issues and performance optimizations.
• Stay up-to-date with emerging cybersecurity trends, technologies, and best practices.

Skills and Qualifications:

•  Proven experience in SIEM engineering and security monitoring, specifically with Splunk and the ELK Stack.
•  Strong knowledge of clustering techniques in Splunk and ELK to ensure high availability and load balancing.
• Expertise in log management, event correlation, and threat hunting techniques.
• Experience in deploying, configuring, and administering Splunk and/or ELK in a production environment.
• Proficient in scripting languages (e.g., Python, Bash, PowerShell) for automation and custom integrations.
• Solid understanding of network security, endpoint security, and other IT security domains.