Lennox International

Senior security specialist - Splunk

Job Locations: IN-Chennai
Requisition #: 2024-41650
Category: Information Technology
Shift / Hours: Regular

Company Profile

Lennox International has been built on a heritage of integrity and innovation dating back to 1895. We are dedicated to providing trusted brands, innovative products and unsurpassed quality with responsive service. We are a Fortune 500 company and a world leader in residential and commercial heating, cooling, ventilation and refrigeration systems. We started our operations in India, in Chennai, in 2010. Lennox India Technology Centre is an R&D Centre with Mechanical Analysis, Embedded (Software, Hardware) and IT divisions. Our companies are spread across the U.S., Europe, Asia Pacific and Australia.

 

When you choose Lennox International, you know you're getting the best. That is why when you work at Lennox International, you know you are among the best. Join over 14,000 employees worldwide who build our heritage of integrity and innovation. At Lennox International, we make your home, your businesses, and your work, a better place.

 

At Lennox, we tackle complex challenges that push the boundaries of technology and creativity. Our team is a collaborative, global organization, consisting of engineers with the highest standards of technical depth, passion, quality, and excellence.

 

Job Description

The Splunk SME works as a member of the Cybersecurity Operations team. The Splunk SME serves as an escalation point for critical and complex issues, performs configuration and testing of products, assists with developing and documenting work processes and trains other members of the team. The primary focus for this role is to act as a Subject Matter Expert for Splunk and be able to configure, manage, operate, and administrate the platform for managed SIEM.

 

Splunk Enterprise Security
Splunk Cloud
Splunk SDKs
Splunk knowledge objects
Splunk data inputs
Data Models
Splunk UBA
Linux
Splunk Certified Core Admin
Splunk Enterprise Security Certified Admin

 

SIEM (Splunk Enterprise Security) SME with experience in the design, implementation, and maintenance of the Splunk SIEM tool.
Should have good knowledge of creating incident workflows using Splunk Enterprise Security.
Should have good experience in configuring, supporting, and troubleshooting the Splunk SIEM tool, including integration and troubleshooting of log sources and data parsing.
Having UBA knowledge is an added advantage.
Monitor all systems, applications, hosts, data ingestion, forwarder status, and system health.

 

 

Should have experience in creating advanced security use cases with mapping to frameworks (MITRE ATT&CK and Kill Chain).
Should have experience in fine-tuning Splunk ESCU and Security Essentials use cases.
Should have experience in managing RBAC in Splunk.
Proficient at data on-boarding activities, including custom parsing rules and custom Technology Add-On building according to Splunk's Common Information Model (CIM).
Experience developing custom data models in Splunk ES.
Onboard data to Splunk via forwarder, scripted inputs, TCP/UDP, and modular inputs from a variety of sources.
Should have the ability to create custom queries, event parsers, searching and reporting capabilities with the SIEM tool, and custom dashboards.
Experience with bi-directionally integrating Splunk with a 3rd party ticketing system, such as ServiceNow.
Assist with designing and documenting

 

Qualifications


Education and Experience


• Bachelor’s Degree in Information Technology or Information Security
• Minimum 6 years of Splunk administration, configuration and management required.
• Minimum 2 years of SIEM engineering experience required.
• Security+, CISSP, CEH and/or other industry certifications preferred.
• Excellent written and verbal communication skills required.
