1.Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk SOAR, Azure Sentinel (additional)

2. Define evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations

3. Understand customer requirements and recommend best practices for SIEM solutions

4. Offer consultative advice in cyber security principles and best practices related to SIEM operations

5. Completed Splunk Enterprise Admin / Architect Certification with trainings in Splunk Enterprise Security app

6. Hands-on experience in development and customization of Splunk Apps & Add-Ons

7. Builds advanced visualizations (Interactive Drilldown,

Glass tables etc.)

8. Build and integrate contextual data into notable events

9. Experience in creating use cases under Cyber kill chain and MITRE attack framework

10. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement

11. Work with the client SPOC to for correlation rule tuning (as per use case management life cycle), incident classification, prioritisation