This position is sourced from Liepin.
Responsibilities:
- Proactively maintain and optimize SIEM instances (primarily Splunk, with some Sentinel) to ensure high performance and availability.
- Respond promptly to customer requests, incidents, and SIEM-related issues.
- Collaborate with cross-functional teams to troubleshoot and resolve SIEM problems.
- Document current configurations, maintenance processes, and records.
- Work closely with customers to understand their requirements and provide effective solutions.
- Stay current with the latest SIEM features, updates, and best practices.
- Participate in on-call support for urgent issues.
Qualifications:
- English writing is required; speaking is a plus.
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 3 years of hands-on experience as a Splunk and Sentinel Engineer/Administrator.
- Splunk or Sentinel certifications are a plus.
- Strong knowledge of Splunk architecture, SPL, and advanced query techniques.
- Experience in designing, implementing, and maintaining SIEM in enterprise and cloud environments.
- Excellent troubleshooting and problem-solving skills.
- Ability to communicate technical concepts to both technical and non-technical stakeholders.
- Proven track record of proactive system maintenance and optimization.
- Strong documentation skills with the ability to create clear and comprehensive technical documentation.