Lead Engineer - Splunk

Security Information and Event Response (SIEM) Administration

• Manage and maintain Splunk infrastructure and log sources (web/API/HEC/forwarders)
• Manage and maintain parsers, normalization and work with UK life team to maintain the Splunk agent coverage
• Continue to onboard log sources as required and perform upgrades/security patches and troubleshooting product-related defects and issues
Data & Content Engineering
• On-going development of correlation searches/security UseCases for CDC team
• Manage and Maintain the UseCase roadmap
• Support data normalization, data quality issues and perform UseCase tuning activities to ensure high fidelity rate for the alerts
Cyber Defense Center (CDC)
• Perform security alert handling, response, and remediation coordination
• Perform initial review of actionable security alerts triggered from SIEM solutions, triage security alerts based on alert prioritization categories (as defined in Security Alert Matrix)
• Maintain and develop playbooks for security threat monitoring, processes to report alerts to remediation teams
  
  The Company: Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. We are an exciting organisation to work for, ranked as a "Top Employer" as part of the Top Employer Institute annual listings.
A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 250,000 dedicated employees serving clients across 66 countries.

Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic business. The benefits include