Design, implement, and maintain Splunk SIEM infrastructure, including forwarders, indexers, search heads, and cluster management.
Design Splunk ES deployments with multi-tenancy, high availability, data tiering, and long-term storage optimization.
Create architectural blueprints and roadmaps for log onboarding, data normalization, and use case development across diverse environments.
Define and enforce log onboarding standards, parsing logic, CIM compliance, and data model configurations.
Design scalable security use cases, correlation rules, risk-based alerting, and detection logic aligned with frameworks like MITRE ATT&CK, NIST, or CIS.
Develop, maintain, and fine-tune SPL queries, correlation rules, notable events, and security use cases.
Monitor, troubleshoot, and optimize SIEM performance, storage usage, and data retention policies.
Support SOC analysts and threat hunters with investigation-ready dashboards and custom threat detection rules.
Oversee integration of threat intelligence, EDR, cloud logs, and other sources into the Splunk ecosystem.
Integrate Splunk with threat intelligence feeds, security appliances (EDR, firewalls, vulnerability scanners), and third-party platforms via API.
Collaborate with compliance and GRC teams to provide audit-ready reports, incident metrics, and compliance evidence.
Maintain security and access controls within Splunk to meet governance requirements.
Train junior analysts on SPL, dashboards, alerts, and investigative methods.