Role:Interact with the different customers to capture and define requirements for the development and testing of the threat detection capabilitiesCooperate with log source onboarding team to assure correct log source onboarding and log mapping to data models according to Splunk standard processesThe development and tuning and continuous improvement of correlation rulesDevelop and maintain dashboards, reports, and alertsCreate Splunk Knowledge Objects to address customers needs in context of using Splunk as security toolPrepare correlation search tests, conduct tests, and document evidence from test that shows correlation search addresses scenario described in use caseResponsible for the creation of procedures, high-level/low-level documentation, implementation of processes and development of staff in relation to SIEM detection logicCoach a team (from a technical perspective); review work outputs and provide quality assuranceAnalyses and identifies areas of improvement with existing processes, procedures, and documentationDemonstrates how to use SIEM & Enterprise Security products to both technical/non-technical personnelProvides expert technical advice and counsel in the design, monitoring and improvement of SIEM security systemsPrioritize and coordinate backlog of threat detection requests, making sure we have a healthy balance between defect resolution and new features Qualifications:Technical Skills:In depth experience in development and maintenance of SIEM use casesFluent in Splunk’s search processing language (SPL)Excellent knowledge of Splunk Enterprise and Splunk Enterprise SecuritySound knowledge about Splunk Common Information Model and log normalization using Data ModelsSolid understanding of cybersecurity technologies, protocols, and applicationsExcellent English communication skills (written and oral)!