Be accountable for working first hand with alternative data sources to solve complex problems around classification and discovery, Developing and scaling models for classification, clustering and anomaly detection, Integrating statistical and machine learning models into production data products, Defining and expanding.
More Uses of the Splunk Toolkit:
- Collaborate with distributed teams to strengthen the cybersecurity posture of Reclamation Information Technology (IT) and Industrial Control Systems (ICS).
- Systematize: monitor architecture and design solutions for applications using Splunk and appdynamics and ensure application monitoring systems provide necessary application performance and dashboard reports.
- Oversee: monitor Splunk alerts for memory using automated log rotation scripts depending on the business requirement to monitor the error rate of the application and take necessary ahead of time.
- Manage work with product, technology, and engineering to maintain expertise across all solution offerings ensuring the latest capabilities are reviewed with account team.
- Use elk/Splunk analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly.
- Devise: articulate and influence the development team, infrastructure team and others to provide a solution to fix the root cause and prevent the recurrence of issues.
- Create dashboard and alerts in Splunk depending on the business requirement to monitor the error rate of the application and take necessary actions ahead of time.
- Be accountable for monitoring performance of correlated and scheduled searches and identify opportunities to make searches/dashboards more efficient in Splunk to improve performance.
- Govern: cybersecurity architect or cybersecurity engineer or it security engineer or security analyst or Splunk certified cybersecurity engineer or rpa expert or risk based alert expert.
- Follow up with customer POC to resolve team issues and dependencies raise concerns regarding changes in timelines and expectations with customer point of contact to resolve the same.
- Be accountable for administering Splunk; integrating Splunk with a wide variety of legacy data sources and industry leading commercial security and other tools.
- Coordinate with project teams to ensure all devices and components report all logs to the Splunk Enterprise Security Platform and perform troubleshooting and maintenance of assets.
- Be accountable for securing Splunk environments by working with infrastructure operations team to reduce risks to information by implementing patch and vulnerability management.
- Manage work with account development executives (sales) providing technical input into all relevant customer relationship activities as related to sso and seamless authentication.