Synchrony
Job description

The AVP, Detection Operations candidate is responsible for managing and optimizing Splunk ES (Enterprise Security) to enhance security operations and threat detection. Responsibilities include managing Splunk Mission Control to improve incident response workflows. Key duties include building and maintaining Splunk ES data models, assets, and identities to improve analytics, entity correlation, and security posture. The role requires developing and managing alert actions to automate and optimize threat detection and response processes. Additionally, this position involves leveraging CDLC pipelines to facilitate detection logic integration. Automated validation of logs and detection logic is also essential to ensure accuracy and reliability in threat detection and response. In this role, a combination of technical expertise in Splunk ES, security operations, and automation is required to enhance system performance, ensure timely response to security incidents, and drive efficient security analytics.

Key Responsibilities:
Splunk Mission Control: Develop and manage Splunk Mission Control to enhance incident response capabilities and streamline security operations.
CDLC Pipelines / Detection as Code: Employ CDLC pipelines to expedite and integrate detection logic across systems.
Automated Validation: Develop automated validation mechanisms for critical logs and detection logic, ensuring high accuracy and reliability in threat detection.

Required Skills/Knowledge:
Bachelor's degree with 4+ years of experience in Information Security along with Splunk ES; in lieu of a degree, 6+ years of experience required.
4 years of Splunk ES Administration: Expertly manage the overall administration of Splunk ES, ensuring optimal performance, scalability, and reliability of the system.
4 years of Splunk Search Processing Language (SPL): Proficiently use Splunk SPL for querying, analyzing, and visualizing data to inform timely security decisions.
4 years of Data Models: Build, manage, and effectively leverage Splunk ES data models to enhance data analytics, security insights, and detection logic.
Assets & Identities: Construct and manage comprehensive Splunk ES assets and identities, ensuring accurate security posture and entity correlation.
Alert Actions: Develop, manage, and leverage Splunk ES alert actions to automate and optimize threat detection and response processes.
Programming Expertise: Use Python and HTTP client programming to integrate and automate security solutions efficiently.

Desired Skills/Knowledge:
Previous experience working with or in SOC and Incident Response programs.
Experience working in organizations that leverage agile methodologies.
Experience working in cloud environments (AWS/Azure).

Role: Practice Manager / Head
Industry Type: Financial Services
Department: Engineering - Software & QA
Employment Type: Full Time, Permanent
Role Category: Software Development
Education: UG: Any Graduate; PG: Any Postgraduate
Key Skills: Automation, PDF, BFSI, Information security, Agile, Wellness, HTTP, Security operations, Information technology, Financial services