Splunk Architect

Herzliya, Full-time

Overview

CYE is looking for an experienced Splunk Architect with an extensive technical background to join our Digital Forensics and Incident Response team. The role requires the ability to assess a customer's situation, business needs, and complex problems, and to provide expert recommendations in the areas of Splunk knowledge management, administration, and architecture.

Responsibilities

  • Create, build, and expand on existing solutions to enable streamlined incident response processes
  • Produce high-quality written and verbal reports, presentations, documentation, recommendations, and findings to present to customer management
  • Perform digital forensics and host-based forensics on multiple platforms, including Windows, Linux, macOS, Android, and iOS
  • Perform network-based analysis, malware analysis and threat intelligence analysis
  • Collaborate with engineering teams to educate and direct usage of Splunk

Qualifications

  • 3+ years of DFIR experience
  • Expert-level Splunk knowledge, including SPL and data visualization, required
  • Experience conducting or managing incident response investigations for organizations
  • Familiarity with common and targeted cyber-attacks
  • Understanding of secure network architecture and background in performing network operations
  • Familiarity with digital forensics in the incident response process, including host forensics, network forensics, and data analysis
  • Familiarity with threat hunting models, as well as cyber threat intelligence, including TTPs and IoC extraction and mapping
  • Familiarity with malware analysis
  • Ability to travel on short notice