Job Openings Splunk/ArcSight Engineer

About the job Splunk/ArcSight Engineer

SIEM Engineer (Splunk/ArcSight)

Contract Duration - 12 months, renewable

Work Location - Singapore

  • 8+ years of overall experience.
  • 5+ years of relevant experience in managing SIEM, preferably Splunk/ArcSight
  • Hands-on experience in advanced SIEM, security analytics solutions, Linux and databases (MySQL, Oracle/SQL)
  • Very strong troubleshooting skills.
  • Strong in providing operational support to any SIEM and other security platforms
  • Strong knowledge of Syslog log management platforms
  • Experience in understanding end-to-end data flow
  • Strong knowledge of OS, proxy, network and other mainstream infrastructure, application, access and cloud logs.
  • Strong knowledge of developing custom parsers (regex) required for data ingestion from any infrastructure or application-based data feeds.
  • Strong knowledge of performance optimization and outage handling for SIEM solutions.
  • Experience in data normalization and data preparation to clean the data
  • Experience in data/device integration and providing the data back to other platforms.
  • Knowledge of SOAR platforms is an added advantage.
  • Experience in automation using scripting languages such as Python and Shell.
  • Knowledge of and hands-on experience in implementing use cases would be an add-on.