You will have:
- Strong experience configuring and developing Splunk SIEM content in a complex ICT environment.
- Extensive experience with core on-premises Splunk components, Splunk and Splunk ES, data acquisition, mapping data to the Splunk Common Information Model and developing and implementing technical use-cases, alerts, dashboards and reports.
- Demonstrated cyber security experience, including significant experience working in a Security Operations Centre or Cyber engineering.
- Demonstrated experience working across multiple vendor technologies, including Windows, Linux and security appliances.
- Certification in Splunk is mandatory