Full-time
Remote friendly

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

Operations

Management Level

Associate

Job Description & Summary

A career in Information Technology, within Internal Firm Services, will provide you with the opportunity to support our core business functions by deploying applications that enable our people to work more efficiently and deliver the highest levels of service to our clients. You’ll focus on managing the design and implementation of technology infrastructure within PwC, developing and enhancing both client and internal facing applications within PwC, and providing technology tools that help create a competitive advantage for the Firm to drive strategic business growth.

Our Information Technology Security team assists PwC in designing and creating sustainable security solutions to provide foundational capabilities and operational discipline through a focus on enterprise requirements and prioritisation, Information Technology security architecture, and the software development lifecycle.

Roles & Responsibilities (essential functions and responsibilities of the job):

1. Managing, troubleshooting and deploying global Splunk Enterprise (distributed and clustered) implementations for medium to large sized customers/territories.
2. Monitoring the Splunk Enterprise instances and keeping them in good health to serve our customers with the highest platform availability.
3. Monitoring and managing Splunk platform incidents: triaging and troubleshooting to fix them, and escalating to different stakeholders to resolve them, working in a 24/7 shift model.
4. Managing Splunk access roles and administering the Splunk App for Enterprise Security (ES) log management and SIEM solutions.
5. Integrating Splunk with a wide variety of legacy data sources that use various protocols.
6. Creating parsers/scripts for custom log source integration.
7. Troubleshooting Splunk modules/apps, report filters and queries, Splunk access issues, and issues with log source integration.
8. Consulting with customers to customize and configure Splunk to meet their requirements.
9. Part of the role covers security perimeter enforcement, security logging and/or monitoring solutions, i.e. Palo Alto, Checkpoint, Juniper, Cisco, Blue Coat Websense, SNORT, SourceFire, RSA Netwitness, RSA Security Analytics, RSA enVision, RSA ECAT, EnCase Enterprise, FireEye, Firemon, Tufin, McAfee ePO, Bit 9, Avecto, Ionic, SolarWinds, Hadoop, Splunk and Google Analytics.
10. Creating visualizations and custom queries in Splunk to improve views and dashboards.



Qualification and Experience:

1. Strong working knowledge of SIEM and the data analytics SIEM platform Splunk.
2. Strong understanding of networking/routing fundamentals, traffic and operating systems (Windows and Unix/Linux), TCP/IP, DNS, firewalls and security proxies, at CCNA level competence.
3. Good knowledge of Linux/UNIX: scripting, RegEx.
4. Must have experience of developing custom SIEM parsers.
5. Proficient with troubleshooting tools: Wireshark, tcpdump, name lookup, etc.
6. The candidate should have solid, hands-on (i.e. not just theoretical or training course-acquired) know-how and demonstrable ability in the areas of Splunk, i.e. Splunk ES App, etc. (Splunk certifications are a plus).
7. Good command of security domain knowledge, with use case development and its integration with SIEM.
8. Must have enterprise deployment knowledge or hands-on experience of a SIEM, end to end:
   a) SIEM design
   b) Deployment
   c) Fine-tuning and troubleshooting
   d) Parser development
9. Strong written and verbal communication skills in English.

Education Level: Engineering Bachelor or equivalent

Mandatory Skill Set: Splunk Administrator, SIEM, Splunk Integration, Forwarder Management
Preferred Skill Set: Splunk Administrator, SIEM, Splunk Integration, Forwarder Management
Year of experience required: 2+ Years
Qualifications: Engineering Bachelor or equivalent

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Forwarders, Splunk

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date

This job is closed.