Splunk SME - Financial Services - London, City/Hybrid

Splunk SME - Financial Services - London, City/Hybrid.

Our client, a leading financial services organisation based in the City of London, urgently requires a Splunk SME to join their busy SOC on an initial 6 month contract. This is a hybrid role that requires 2-3 days per week on-site in London (City).

ESSENTIAL SKILLS & EXPERIENCE:

• 5+years of experience in Splunk;
• Previous and recent experience in Financial Services, banking/Investment Banking;
• Strong experience in reviewing, migrating and improving Security Use Cases, including; Detection logic, CIM compliance, Baselines of behaviour on multiple vectors to detect anomalies, Identification of false positives, Data curation for ML algorithms used for anomaly detection, Searches performance and optimisation, MITRE ATT&CK use case mapping, visualisation, coverage and gaps identification.
• Experienced in Risk Based Alerting Implementation;
• Assets and Identities reformulation, aggregation of multiple silos of assets information and creation of a consolidated source of truth;
• Previous experience of Platform Upgrades planning and knowledge transfer; and;
• Integration of Splunk Responses with Splunk SOAR.

Key skills; Splunk, Splunk SME, Financial Services, Banking, Investment Banking, MITRE ATT&CK, Splunk SOAR, SOC, London, City of London, Hybrid.