Splunk engineer with baseline clearance - Canberra
- Manage Splunk Cloud environment, including application updates, dashboarding, integrations, and health checks.
- Onboard new data/log sources to enhance monitoring capabilities.
- Utilize Splunk queries and searches to support Security Operations Center (SOC) requests.
- Conduct periodic assessments of data quality and data model effectiveness.
- Maintain Heavy Forwarding logging infrastructure for efficient data collection.
- Oversee existing on-premises Splunk Enterprise and Security Orchestration, Automation, and Response (SOAR) platforms, including patching, updates, integrations, and health checks.
- Assist in playbook and automation maintenance to streamline incident response processes.
- Collaborate on the development of new security use cases to strengthen detection and response capabilities.
- Research and evaluate technologies to enhance vulnerability analysis and remediation efforts.
- Stay informed about the latest cybersecurity threats, vulnerabilities, and industry trends to inform proactive defense strategies.
- Australian Citizen with baseline clearance