Job Summary
At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities.
The role involves onboarding, normalizing, and optimizing security data using Splunk and Cribl, while building and maintaining detections, dashboards, and automations to support SOC, Threat Hunting, and Incident Response teams.
PwC offers inclusive benefits, flexibility programs, mentorship, and a purpose-led, values-driven work environment that supports personal and professional growth.
Skills & Requirements
Must-have
Hands-on experience with Splunk Enterprise Security
Data ingestion using Cribl Stream and Edge
SPL query writing and tuning
Security data pipeline development
Monitoring and optimizing search performance
Implementing CIM mappings and data models
Nice-to-have
Experience with risk-based alerting and UEBA
Cloud and SaaS logging expertise
Knowledge of SOAR playbooks and automation
Familiarity with regex and API integrations
Cross-time-zone collaboration skills
Threat hunting and MITRE ATT&CK application
Key Requirements
2 to 5 years of relevant experience
Bachelor of Engineering or MBA degree
Splunk Core Certified Power User
Splunk Core Certified Admin
Cribl Certified Observability Engineer – Stream
Work experience with Linux and scripting (bash or Python)