Incident Response Analyst

22 hours ago

Apply Now

Receive Emails with Similar Jobs

Splunk

WebsiteLinkedInAll Job Openings

Machine Data To Operational Intelligence

5001 - 10000

Description

• Support the 24x7 SOC operation: respond to security alerts, contain threats, and ensure the safety and security of Splunk's product environments. • Contribute to the development and improvement of detection logic, working hand-in-hand with our Detections Engineering function. • Improve the quality of searches to enrich data with critical information through creation of automation and orchestration playbooks. • Perform reactive and novel threat hunting engagements across Splunk environments to surface sophisticated attacks and threats. • Collect and represent evidence to support the organization's compliance and control monitoring responsibilities. • Author, review, and update existing runbooks to ensure optimal and efficient response actions. • Partner with Splunk's Center of Excellence to validate existing data sources and improve data ingestion standards, ensuring data quality.

Requirements

• Bachelor's Degree in computer science or related field. • Foundational knowledge of information security technologies, including firewalls, intrusion detection systems and endpoint security tools. • Strong understanding of TCP/IP protocols, DNS, network analysis, and the OSI framework. • Experience with cloud platforms and technologies. • Ability to multitask, prioritize and take-charge. • Willingness and desire to think outside of the box for creative solutions to problems. • Excellent interpersonal skills and ability to see situations through a Customer First lens. • Strong attention to detail. • Experience or an interest in working with regulated computing environments such as FISMA and/or FedRAMP.

Benefits

• Competitive benefits package including medical, dental, and vision. • 401(k) plan and match. • Paid time off and more!