In-Associate_SIEM_Digital Integration_Advisory_Kolkata

PwC

Kolkata, India

Job Summary

  • You will be hands-on with Splunk (Enterprise/Cloud/ES) and Cribl (Stream/Edge) to onboard, normalize, and optimize security data, while building and maintaining detections, dashboards, and automations that support our SOC, Threat Hunting, and Incident Response teams.
  • At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities.
  • We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life.

Skills & Requirements

Must-have

  • Splunk Enterprise/Cloud/ES
  • Cribl Stream/Edge
  • Splunk data models, CIM mappings
  • SPL skills
  • Linux fundamentals, Git, scripting
  • security concepts, attack techniques

Nice-to-have

  • risk-based alerting, UEBA
  • cloud and SaaS logging
  • observability crossover
  • SOAR playbooks, API integrations
  • regex, YAML/JSON pipelines

Key Requirements

  • 2-3 years of hands-on experience with Splunk
  • Working knowledge of Cribl
  • 2 to 5 years of experience
  • Splunk Core Certified Power User
  • Splunk Core Certified Admin
  • B.E. / B.Tech / MBA

Work Rights

Not specified
