Company Profile:
Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.
Job Description:
We are seeking a skilled and detail-oriented Splunk SIEM Policy Administrator to manage and maintain security policies, configurations, and operational integrity within our Splunk SIEM environment. The ideal candidate will have a strong background in security operations, log management, and policy enforcement, ensuring that our SIEM platform supports effective threat detection, incident response, and compliance requirements.
- Utilize Splunk SIEM and CrowdStrike EDR tools to monitor, detect, and respond to security incidents.
- Develop and execute security monitoring strategies and initiatives, working closely with the SOC management team to align efforts with organizational goals.
- Administer and maintain Splunk SIEM policies, configurations, and access controls.
- Develop, implement, and manage correlation rules, alerts, and dashboards to support threat detection and response.
- Collaborate with SOC analysts, incident responders, and IT teams to fine-tune SIEM use cases and improve detection capabilities.
- Ensure compliance with internal security standards and external regulatory requirements (e.g., ISO 27001, GDPR, HIPAA).
- Monitor and optimize data ingestion pipelines, ensuring relevant logs are collected and parsed correctly.
- Perform regular audits of SIEM configurations, user roles, and data sources.
- Document policy changes, configurations, and procedures for operational transparency and continuity.
- Support onboarding of new data sources and integration with other security tools (e.g., EDR, vulnerability scanners).
- Assist in troubleshooting and resolving issues related to SIEM performance, data gaps, or false positives.
- Stay updated with the latest security threats, Splunk features, and best practices.
- Create and maintain standard operating procedures (SOPs) to ensure consistent and effective security operations.
- Lead the preparation and delivery of weekly presentations to provide executive-level insights into SOC operations, including key metrics, trends, and emerging threats.
- Take ownership of false positive report preparation, ensuring accurate identification and documentation of false positives to improve detection and response capabilities.
- Collaborate with the Security Specialist team on high-priority security incidents, providing expertise and assistance as needed to facilitate incident resolution.
- Flexibility to provide support to 24/7 L1 monitoring shift members.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 4+ years of experience in SIEM administration, preferably with Splunk.
- Strong understanding of security operations, log analysis, and incident response.
- Experience with Splunk SPL (Search Processing Language) and dashboard creation.
- Familiarity with enterprise security policies, compliance frameworks, and risk management.
- Correlation use case implementation.
- Creation of interactive dashboards.
- Knowledge of networking protocols, operating systems, and common attack vectors.
- Incident response and triage of true positive events.
- Excellent analytical, problem-solving, and communication skills.
- Excellent communication and presentation skills.
- Commitment to continuous learning and professional development.
- Flexibility to work shifts from 1 PM to 10 PM and 3 PM to 12 AM.