A minimum of 3 years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel
Experience with the processes to add/update/delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
Proficient in detection engineering methodologies including SNORT and YARA rules.
Proficient in Python programming, Bash, and PowerShell.
Proficient in Splunk’s Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM)
Knowledgeable and experienced in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers and Endpoint Detection and Response (EDR).
Knowledge of Windows Sysinternal Suite (including Sysmon) Unix audited, and how to tune configuration files for identification of malicious activity.
At least one of the following certifications:
Splunk Enterprise Security Certified Admin credential or have passed the AZ-500 Microsoft Azure Security Technologies exam.
Powered by JazzHR
Seniority level
Entry level
Employment type
Full-time
Job function
Information Technology
Industries
Staffing and Recruiting
Referrals increase your chances of interviewing at Maania Consultancy Services by 2x