Stratogent - Splunk Admin
2 days ago
Role: Security Consultant
**Location**:
- Bangalore, 5 days, WFO
**Shift**:
- Rotational shift
**Roles and Responsibilities**:
- The primary responsibility is to work on the existing or new Incidents, Service Requests, and Tasks
- Triage the unresolved incidents or Requests to Leads
- Continually communicates with Leads and Customer
- Process
- Day to day Operational issues, requests and Project tasks
- Incident response and resolution within SLAs with excellent analytical and troubleshooting skills
- Providing all the necessary details to leads about the issue, steps taken, recommendation and any other relevant information
- Ticket Status Check and Update
- Respond to False Positive Alerts
- Incident Escalation and Progress Monitoring
- Create, review, update, and maintain Standard Operating Procedures.
- Prepare RCA for the escalated incidents.
- Perform the Shift handovers
**Security Incident Response**:
- Serves as the lead escalation point for security incidents.
- Analyze & investigate cyber threats on a real-time/day-to-day basis, involving alerts review, log analysis, and event/incident correlations.
- Prepare, document, and maintain procedures, response plans, runbooks, and associated processes for continuous improvement.
- Assist analysts with security events and initial incident response to detected threats.
- Regularly review and recommend changes to policies or controls as needed to enhance security.
- Identifies potential gaps and offers solutions to include internal team needs, product improvements and client security posture.
- Develop reporting with focused messages to enable the stakeholders to understand their and responsibilities.
- Train and mentor peers and juniors in the team.
**Splunk**:
- Managing Splunk components such as indexer, forwarder, search head, etc
- Prepare Splunk dashboards.
- Install, Configure and Troubleshoot Universal forwarders.
- Triage of non-security alerts based on priority, problem identification and escalation.
- Escalate to designated contacts within Stratogent and Customer for issues outside SOPs, or when SOPs fail to resolve the issue.
- Work directly with delivery teams or customers to gather logging requirements.
- Convert Logging requirements into Splunk designs following best practices.
- Perform environment health checks.
- Update and / or create technical documentation.
**Must have skills**:
- Performing incident handling, evidence acquisition, endpoint and network, and security incident management
- Must have worked on Splunk
- Customer-focused
- Excellent communication skills (reading, writing, speaking and listening)
- Highly self-motivated and directed.
- Excellent attention to detail.
- Flexibility and willingness to work on different and multiple technologies
- Ability to effectively prioritize, organize and execute tasks in a high-pressure environment
**Good to have skills**:
- Worked on any of the IAM and PAM tools.
- Certifications in Enterprise Admin or Cloud Admin of Splunk are an advantage
- Prior training and certification in communication is an added advantage
**About the company: Stratogent**
Stratogent does IT and Cybersecurity operations.
We build and operate complex infrastructure - across on-premise, data centers, and clouds. We wrap any compute-storage-network platform with monitoring, automation and security services so customers can sleep while we cure failures and block threats.
If Google’s mission is to “organize the world’s information”, ours is to “operate the world’s infrastructure”. We aren’t quite there yet, so we focus on being the best at knowing and doing operations for mid-size, high-touch and high-change IT environments. Our customer base is made up of progressive companies who are flag bearers of new technology adoption and are risk-takers. We have participated in successful (and failed) projects and bring that accumulated experience to each of our clients.
Since 2008, we have acted as an extension of internal IT and Security teams and along the way achieved a community of highly satisfied clients who rave about our “no-fluff just stuff” style.