|
Search Jobvertise Jobs
|
Jobvertise
|
Remote - Direct client: Splunk Correlation Engineer (SCE) Location: US-Remote Jobcode: 3602494 Email this job to a friend
Report this Job
. Splunk Correlation Engineer Location: Remote SCEs (Security Center of Excellence) will be responsible for tuning and adjusting rules and policies to increase detection accuracy on a given SIEM Technology, to reduce false positives, or to improve performance by creating policy management and trend analysis, compiling a weekly/monthly trend analysis report including trends in policy exceptions and user behavior, Provide recommendations on what events should be categorized as in special instructions, interact with the customer on a weekly basis to understand their wants and needs on a tuning perspective. Major and Key Experience Correlate events and find tuning opportunities to have a healthy environment on customers console Make recommendations to clients about increasing security Analyze traffic trends across customer base for large trends Identify trends in traffic and make recommendations to clients based on trends Creating new rules based on the criteria provided, perform updates on the existing policy rules and research new threats to ensure continuous security Professional Certification & Skills CISSP CEH OSCP AWS Certified CP Azure Sentinel Certified Splunk Security Certified QRadar Certified
CCM Consulting
|