工作描述
7 天前
Key Responsibilities
Data Onboarding
• Work with users requesting new data sources
• Document existing and newly ingested data sources.
• Design and manage input for Splunk universal and heavy forwarders to capture data
• Manage log source parsing/formatting, event line breaking, timestamp extraction
• Deploy changes to production
• Manage Splunk Configuration files
• Install and manage Splunk apps
• Assist on the integration and automated onboarding of application logs.
Person Specification
• Degree holder in Computer Science or related disciplines, or appropriate extensive experience.
• At least 2 years experiences onboarding data on Splunk environment.
• Obtained at least Splunk Fundamental 2/3 or various Splunk E-learnings
• Certified Splunk Enterprise Security Administrator or Splunk Enterprise Admin is highly preferred.
• At least 5 years experiences in Information Security
• Have a good knowledge of the business, analytics, data visualization and modelling.
• Strong problem-solving skills and fast learner.
• Liaison skill & teamwork, passion & commitment mentality
• Good interpersonal and communication skills.
• Fluent in spoken and written English
Technical Requirements
• Experience working on different data input types (file and directories, network data, script output, Linux and windows logs, DB connect, HTTP etc.)
• Broad knowledge and understanding of Network data, Syslogs and able to troubleshoot data ingestion issues.
• Broad knowledge and understanding of Computer operating systems (Windows and Unix/Linux)
• A basic understanding of directory and identity management services.
• A basic understanding of cloud computing and infrastructure.
• A basic understanding of server and service operations.
• A general understanding of Attacker tools such as Remote exploit kits, Remote Access Tools etc.
• A high level of understanding of Attack taxonomy such as MITRE ATT&CK, Lockhead Martin Kill chain, Diamond model etc.
• A development/programming background is a big plus.
• Experience writing Regex (Regular Expression) is a big plus
Data Onboarding
• Work with users requesting new data sources
• Document existing and newly ingested data sources.
• Design and manage input for Splunk universal and heavy forwarders to capture data
• Manage log source parsing/formatting, event line breaking, timestamp extraction
• Deploy changes to production
• Manage Splunk Configuration files
• Install and manage Splunk apps
• Assist on the integration and automated onboarding of application logs.
Person Specification
• Degree holder in Computer Science or related disciplines, or appropriate extensive experience.
• At least 2 years experiences onboarding data on Splunk environment.
• Obtained at least Splunk Fundamental 2/3 or various Splunk E-learnings
• Certified Splunk Enterprise Security Administrator or Splunk Enterprise Admin is highly preferred.
• At least 5 years experiences in Information Security
• Have a good knowledge of the business, analytics, data visualization and modelling.
• Strong problem-solving skills and fast learner.
• Liaison skill & teamwork, passion & commitment mentality
• Good interpersonal and communication skills.
• Fluent in spoken and written English
Technical Requirements
• Experience working on different data input types (file and directories, network data, script output, Linux and windows logs, DB connect, HTTP etc.)
• Broad knowledge and understanding of Network data, Syslogs and able to troubleshoot data ingestion issues.
• Broad knowledge and understanding of Computer operating systems (Windows and Unix/Linux)
• A basic understanding of directory and identity management services.
• A basic understanding of cloud computing and infrastructure.
• A basic understanding of server and service operations.
• A general understanding of Attacker tools such as Remote exploit kits, Remote Access Tools etc.
• A high level of understanding of Attack taxonomy such as MITRE ATT&CK, Lockhead Martin Kill chain, Diamond model etc.
• A development/programming background is a big plus.
• Experience writing Regex (Regular Expression) is a big plus
更多相似工作
Senior Database Administrator (Oracle / SQL Server / PostgreSQL)
Millennium Technology Services
中西區, 香港
🎉 Got an interview?
