JobNob

Your Career. Our Passion.

Splunk


Lennox


Location

Chennai | India


Job description

Lennox International has been built on a heritage of integrity and innovation dating back to 1895. We are dedicated to providing trusted brands, innovative products and unsurpassed quality with responsive service. We are a Fortune 500 company and a world leader in residential and commercial heating, cooling, ventilation and refrigeration systems. We started our operations in India, in Chennai, in 2010. Lennox India Technology Centre is an R&D Centre with Mechanical Analysis, Embedded – Software, Hardware and IT divisions. Our companies are spread across the U.S., Europe, Asia Pacific and Australia.

The Splunk SME works as a member of the Cybersecurity Operations team. The Splunk SME serves as an escalation point for critical and complex issues, performs configuration and testing of products, assists with developing and documenting work processes, and trains other members of the team. The primary focus of this role is to act as a Subject Matter Expert for Splunk and to configure, manage, operate, and administer the platform for managed SIEM.

Required Skills:

• Splunk Enterprise
• Splunk Cloud
• ReactJS
• Python
• Splunk SDKs
• AWS
• Shell scripting
• Linux
• Git
• Splunk Certified Core Admin

Roles & Responsibilities

1. SIEM (Splunk Enterprise Security) SME with experience in the design, implementation, and maintenance of the Splunk SIEM tool.
2. Should have good experience in configuring, supporting, and troubleshooting the Splunk SIEM tool, including integration and troubleshooting of log sources.
3. Should have the ability to create custom queries, event parsers, searching and reporting capabilities, and custom dashboards with the SIEM tool.
4. Experience in SOC operations and strong experience with security incident response.
5. Experience with bi-directionally integrating Splunk with a third-party ticketing system, such as ServiceNow.
6. Create custom rules/rule modifications and custom reports/report modifications as needed.
7. Add/remove log sources. Troubleshoot issues with log sources or systems with the vendor, and report system defects as needed.
8. Create custom documentation for internal and external needs.
9. Responsible for testing and configuring new products and technologies.
10. Assist with designing and documenting work processes within the SOC.

Qualifications

Education and Experience

• Bachelor’s Degree in Information Technology or Information Security
• Minimum 6 years of Splunk administration, configuration and management required.
• Minimum 2 years of SIEM engineering experience required.
• Security+, CISSP, CEH and/or other industry certifications preferred.
• Excellent written and verbal communication skills required.

