PwC

SIEM / Splunk Administrator – Platform Engineer

full-time

Location Type: Hybrid

Location: Warsaw, Poland

About the role

  • SIEM Platform Management & Administration: Monitoring, administration, and optimization of the Splunk Enterprise platform to ensure efficient log management and effective security information and event management (SIEM)
  • Conduct regular Splunk Infra & Ingestion health checks and monitoring to keep the environment robust and healthy for our stakeholders
  • Monitor and keep the Splunk Enterprise instances in good health to serve our customers by keeping the platform up and running 24/7
  • Troubleshooting & Problem Solving: Actively identify issues using “Monitoring”, investigate the root cause, troubleshoot and fix the Splunk platform issues & problems related to log source outages, parsing errors, time discrepancies, user problems and more
  • Conduct Root Cause Analysis (RCA) to systematically address recurring issues and streamline problem mitigation
  • SIEM Configuration Management & End-user Support: Support the deployment and configuration of Splunk solutions at enterprise level, ensuring seamless log integration and issue resolution
  • Manage end-user service requests, oversee Splunk access control, and enforce access restrictions to maintain secure and efficient user management
  • Ensure optimal platform performance through regular consolidation, cleanup, and configuration adjustments
  • Innovation, Analytics, & Continuous Improvement: Enhance Splunk operations by implementing innovative solutions that improve efficiencies and automate processes, while integrating emerging technologies to optimize performance
  • Leverage machine learning and AI to deliver advanced analytics insights, predictive models, and strategic data-driven visualizations for informed decision-making
  • Migration & Collaborations: Handle SIEM server offboarding and migration, managing Cloud/On-prem Splunk forwarders (UF/HF) and log source migration projects
  • Foster collaboration with multiple global teams like cybersecurity, IT, and business units, while streamlining processes and documentation to boost efficiency & platform stability

Requirements

  • At least 1 year experience in Splunk Enterprise / SIEM administration & management
  • Good understanding of networking & Linux
  • Demonstrated knowledge of SIEM solutions and data analytics tools, particularly Splunk
  • Good understanding of networking principles, traffic analysis, and operating systems (Windows & Unix/Linux)
  • TCP/IP and DNS resolution
  • Proficient with traffic analysis and troubleshooting tools (Wireshark, tcpdump, name lookup, etc.)
  • Strong competence in Linux/UNIX environments, including scripting skills with Regular Expressions
  • Hands-on experience in deploying and operating Splunk / other SIEM solutions is crucial
  • Splunk certifications are highly desirable
  • Understanding of security domain applications and their integration within SIEM frameworks to support robust cybersecurity operations
  • Strong written and verbal communication skills in English.

Benefits
  • Work flexibility - hybrid working model, flexible start of the day, workation, sabbatical leave
  • Development and upskilling - our full support during the onboarding process, mentoring from experienced colleagues, training sessions, workshops, certification co-financed by PwC and conversations with a native speaker
  • Wide medical and well-being program - a medical care package, coaching, mindfulness sessions, psychological support, education through dedicated webinars and workshops, financial and legal advice
  • Possibility to create your individual benefits package (a.o. lunch pass, insurance packages, concierge, veterinary package for a pet, massages) and access to a cafeteria - vouchers, discounts on IT equipment and car purchase
  • 3 paid hours for volunteering per month
  • Additional paid Birthday Day off
  • And when you start enjoying PwC as much as we do, you may recommend your friend to work with us.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Splunk Enterprise, SIEM administration, log management, root cause analysis, data analytics, networking, Linux, scripting, Regular Expressions, traffic analysis
Soft Skills
troubleshooting, problem solving, collaboration, communication, innovation, continuous improvement
Certifications
Splunk certifications