Splunk jobs
I’m building out a small SOC stack and need an expert to wire Wazuh and Splunk together so I get clean, searchable logs from my firewalls. The core goal is streamlined log management—no SIEM correlation rules, threat-hunting work, or incident-response playbooks at this stage—just reliable collection, parsing, and visualization. Here’s what I need done: • Deploy or fine-tune Wazuh agents/managers to ingest all firewall events (the devices are already exporting Syslog today). • Configure Splunk inputs, indexes, and props/transforms so the data is correctly tagged, timestamped, and CIM-compliant. • Build a starter dashboard and a couple of saved searches that prove the data is landing and searchable. • Hand over concise document...
...data already flowing through my Splunk environment into clear, AI-driven guidance on how well our response processes are working. Using Splunk’s Machine Learning Toolkit—or native SPL commands if you prefer—I need models and dashboards that highlight response times, escalation paths, repeat offenders, and any other signals that reveal where our incident handling shines or stalls. You will have access to the existing security indexes, notable events, and response logs. The job is to design and implement the searches, train the models, and visualise the results inside Splunk so my analysts can see at a glance how each phase of the response cycle performs and where we can improve. If you have experience integrating Python or external ML frameworks with ...
...• Clear documentation of each finding: timestamps, affected hosts, traffic captures, indicators of compromise, and any links to the social-media angles I mentioned. • A concise, court-ready report I can hand to law enforcement, including recommended remediation steps so I can lock everything down without losing data. You’re free to use whatever toolkit you’re most comfortable with—Wireshark, Splunk, Volatility, Autopsy, or other digital-forensics platforms—so long as the final report is structured and verifiable. If you see clues that point to physical security gaps, please flag them; the offline stalking is just as concerning. The sooner we start, the better. Let me know how you’d approach the investigation, what access you’ll re...
...an experienced Palo Alto engineer to keep an eye on our firewalls through Panorama, handling day-to-day monitoring and rapid incident response entirely remotely. The core of the engagement is ongoing health-watch and swift resolution whenever an alert, log spike, or policy-related incident appears—no onsite visits, everything through Panorama, CLI or preferred tools such as Expedition, TAC, or Splunk if that speeds diagnosis. The workflow I have in mind is straightforward: you watch the dashboards, syslog feeds and health stats, jump in the moment something drifts from baseline, contain the issue, fix it, then send a short root-cause and remediation note so I can track what changed. If firmware, dynamic updates or policy tweaks are needed to clear the incident, you can s...
...• Strong cloud and Linux experience: AWS, Microsoft (Azure/Windows Server), RedHat. • Security & IP protection processes (data segregation, NDAs, secure dev practices). • At least 2 case studies in the last 18 months with measurable ROI. Provide contacts for references. Nice-to-have • Experience with monitoring stacks (Prometheus, Grafana, CloudWatch, Azure Monitor), AIOps platforms (Moogsoft, Splunk ITSI, Dynatrace, BigPanda), or automation tools (Ansible, SaltStack, Rundeck). • Experience implementing chatops/chatbot (Teams/Slack) linked to ServiceNow. • Familiarity with storage platforms and SAN/NAS troubleshooting. Proposal requirements 1. Short agency profile (team size, key engineers, locations). 2. Two relevant case studies (PDF) with m...
My Splunk indexers are chewing through far more disk than necessary, and I need a focused engagement to slim them down while keeping the data I actually care about. The work centres on revisiting index retention, with special attention to the Cold buckets. I want to be confident that data is rolling forward at the right time, that frozen policies make sense, and that nothing lingers longer than it should. Alongside that, I’d like you to examine our data ingestion pipeline, identify any chatty sources or redundant log feeds, and advise where we can safely cut volume without losing business-critical insight. I expect you to apply Splunk best practices throughout—tuning, bucket sizing, summarisation options, and any other proven techniques that help curb storage g...
...clearer visibility that the team can maintain long after you finish. Here’s how I picture the engagement: • Begin with read-only access so you can baseline current firewall rules, IDS/IPS signatures, and telemetry. • Present an action plan that outlines changes, testing steps, and potential impact. • Optimise firewall policies, fine-tune IDS/IPS rules, and build or refine monitoring dashboards (Splunk, ELK, Security Onion, or comparable) with alerts mapped to MITRE ATT&CK. • Document every change, include roll-back instructions, and schedule brief progress reviews—no rush, quality over speed. Expected deliverables 1. Hardened firewall and IDS/IPS configurations with before/after comparison. 2. Re-usable monitoring dashboards and al...
...Suite, or anything you deem fit, provided every step is documented. Once testing is complete, I’ll need a clear, prioritised report outlining each vulnerability, evidence of exploitation, and actionable remediation guidance that my IT team can follow. Afterward, I want 24/7 security monitoring set up—log collection, real-time alerting, and trend analysis. If you already have a preferred stack (Splunk, ELK, or similar) let me know; if not, recommend one that fits a mid-sized environment. I’m open to adding firewall tuning later, but it’s not mandatory for this engagement. Deliverables: • Comprehensive penetration test plan, execution, and final report • Documentation of tools, exploits, and methodologies used • Deployment or configura...
...exploit chains and attack paths - Conduct reconnaissance, privilege escalation, and lateral movement - Create detailed reports outlining vulnerabilities and proof-of-concept exploits - Simulate realistic adversary behavior during red-team engagements - Collaborate with clients to validate remediations and test defensive improvements Ideal Skills and Experience: - Proficient in Nmap, Wireshark, Burp, Splunk, and Python - Strong background in network penetration testing - Experience with offensive tooling and exploit development - Ability to thrive in ambiguity and think unconventionally - Strong reporting and communication skills If you are curious, bold, and driven to expose hidden system weaknesses, I would love to hear from you....
...estate—mixing on-prem servers with multiple cloud workloads—so the design must collect and correlate telemetry from both sides without gaps. Core technologies are already chosen: a SIEM for log aggregation and correlation, network-based IDS/IPS for east-west and north-south traffic, and an Endpoint Detection & Response platform for host-level visibility. I’m open to specific vendor recommendations—Splunk, ELK, QRadar, Suricata, Snort, CrowdStrike, SentinelOne, etc.—as long as they integrate cleanly and can scale. To keep expectations clear, here’s what I need delivered: • A high-level SOC architecture diagram, bill of materials, and implementation roadmap. • Installation, configuration, and tuning of the SIEM, including log o...
...operations by adding truly real-time alerts that fit neatly into the existing observability pipeline. Right now I aggregate logs and metrics, but latency between an event and a notification is still measured in minutes. I want that window reduced to seconds—with intelligent deduplication so the team is warned once, not fifty times. If you’re comfortable wiring up tools such as Prometheus, Loki, ELK, Splunk, Grafana, or similar stacks, and you know how to tune alert rules, thresholds, and message formats, your expertise will be put to good use. Deliverables • A fully configured alerting workflow (webhooks, email, Slack, or Teams—whatever integrates fastest with common stacks) • Documentation outlining rule logic, suppression criteria, and how the so...
...Investigate suspicious process activity • Parse logs inside a SIEM (Chronicle, Splunk, Elastic, etc.) • Build an incident report Network Security Projects (2–3) • Analyze PCAP files in Wireshark • Identify command-and-control traffic • Detect port scans • Write a Tier-1 analyst style summary Linux + Forensics Projects (2) • Investigate user activity • Parse authentication logs • Collect basic indicators of compromise Vulnerability Projects (1–2) • Run a safe Nmap scan • Create a vulnerability report • Show mitigation steps Automation Project (1) • Simple Python script to parse logs • OR automate a small security task Required Skills You MUST have hands-on experience in: •...
...need from you: • A full course outline that can be delivered over four weeks, mapping out daily objectives and realistic time commitments alongside SOC shift work. • Slide decks or detailed written modules for each lesson that dive deep into threat detection and analysis techniques, step-by-step incident response playbooks, and effective use of SIEM, SOAR, EDR, and log-management platforms (Splunk, Elastic, Sentinel, etc.). • At least two hands-on labs per week using readily available environments—virtual machines, cloud sandboxes, or open-source datasets—so students can practise hunting, triage, containment, and post-incident review. • End-of-module quizzes and a capstone practical that emulate live-fire scenarios, allowing me to measure ma...
...governance and strategic business outcomes. Required Skills & Experience • 4+ years of experience in data modeling, enterprise data strategy, or data architecture. • Solid understanding of IT4IT Reference Architecture (Open Group). • Hands-on experience with Azure Data Services, Azure SQL, and Databricks. • Familiarity with enterprise IT platforms such as ServiceNow, Workday, Cisco, Jira, Dynatrace, Splunk, and similar systems. • Strong conceptual knowledge of data governance, data domains, and business object modeling. • Excellent analytical, communication, and documentation skills. Preferred Skills • Exposure to ServiceNow CMDB or data cataloging tools. • Working knowledge of data product architecture and data mesh principles. •...
...encryption protocols. Conduct vulnerability assessments to identify potential security risks within the network infrastructure. Support data center operations including NAS/SAN management and high availability configurations. Collaborate with IT teams to integrate cloud security measures within AWS and Azure environments. Troubleshoot network connectivity issues using tools like SolarWinds, PRTG, or Splunk. Assist in the deployment of network installations and upgrades while adhering to best practices in network architecture. Document network configurations, changes, and procedures for future reference. Provide technical support for users regarding network access issues and remote access software. Experience Proven experience in network engineering or support roles with a stron...
...approach on how these use cases were implemented/configured in the system and which prompts were used to execute the below use cases. a. AI-Guided Incident Response & MTTR Optimization (Bridging SIEM + ITSM + Network Automation) b. Compliance Drift & Security Posture Enforcement (Bridging Firewalls + Network Configs + ServiceNow Change Policies) Inside the lab you’ll rely on ServiceNow, SolarWinds and Splunk to generate data, surface alerts, and validate results. A solid grounding in NOC expertise & Internet networking is essential so the examples feel realistic; the guide should read as something a NOC expert can reproduce without guesswork. If this sounds exciting then do bid to this task, we can have a meeting where we can explain the use cases in details and...
... - Build resilient retry policies using exponential backoff + jitter for transient errors (408, 500–504, 429) and no-retry for non-recoverable cases (401, 403, 404, 422). 3. Intelligent Error Recovery Develop data pipelines and dashboards to analyze error classification accuracy and user recovery rates. 4. Observability & Diagnostics - Define logging and tracing standards for error traces in Splunk and APM. 5. Governance & Best Practices: - Establish internal Error Handling Guidelines and test scenarios - Champion fault isolation and graceful degradation patterns (bounded retries, circuit breakers, token bucket throttling). Deep understanding of distributed systems, HTTP status codes, and API fault design Hands-on experience with error handling frameworks and r...
Hello, We are looking for an experienced trainer to deliver a short-term training project on "Splunk SOAR". Responsibilities: - Conduct focused training sessions on Splunk SOAR - Create or adapt training material as required - Provide hands-on lab guidance (if applicable) Requirements: - Proven experience in Splunk SOAR - Prior corporate training experience preferred - Ability to deliver training effectively within a short-term timeline To Apply, Please Share: - Updated CV / Profile - Course contents (TOC) - Daily / Hourly commercial rates - Lab availability & charges (if applicable) - Your availability schedule Looking forward to collaborating with the right expert. Best regards, Anjali Koenig Solutions
...rolling out an up-skilling track for a team of intermediate IT professionals who already handle day-to-day monitoring but now need to master AIOps practices on two specific stacks: Splunk Observability Cloud and Dynatrace. The course should be instructor-led (live virtual or onsite—let me know what works best for you) and tightly focused on three pillars: • Data visualization that turns metrics, logs, and traces into actionable dashboards inside both tools • AI-driven alerting, including threshold tuning, anomaly detection, and noise reduction techniques • Incident management workflows that bridge detection in Splunk or Dynatrace with remediation playbooks and post-mortem reporting What I need from you – A concise syllabus covering ...
...experienced SOC analyst to keep a close, real-time eye on our network traffic and swiftly flag any signs of phishing activity. Your primary mission is to detect, investigate, and document suspicious traffic patterns that could indicate credential-harvesting sites, rogue mail servers, or other phishing-related threats. Scope of work • Set up or refine existing SIEM and packet-capture feeds (e.g., Splunk, Elastic, Zeek, Suricata) to ensure full network visibility. • Create and tune detection rules, correlation searches, and alerts that focus on phishing indicators—DNS anomalies, unusual SMTP flows, look-alike domains, and malicious URLs. • Conduct end-to-end incident triage: verify alerts, gather evidence (pcap, logs, threat-intel hits), determine impact, ...
...from Splunk. • Look up similar past incidents stored in our internal database. • Pull any related Slack thread so context isn’t lost. Using that collected data, the tool should run a compact AI model (open-source or API-based—whichever keeps the code simple) to draft concise resolution steps and then post those steps back to the incident record. Key notes – Scope is limited to a working script or small service that proves each integration end-to-end; polished UX isn’t required. – Incidents of interest are strictly Application errors; no need to handle network or security tickets. – Historical records reside in a database, so tap that directly rather than expecting CSV or JSON dumps. Please include links or brief summari...
...Monitoring and Analysis. Detection of Indicators of Compromise (IOCs). Detailed Incident Investigation and classification (True Positive / False Positive). Creation of a Comprehensive Security Report (PDF format). Threat Intelligence Correlation using MITRE ATT&CK Framework. Suggestions for Mitigation & Hardening to improve your security posture. Tools & Frameworks I Use: SIEM Platforms: Splunk, Wazuh, ELK Stack (Kibana). Threat Analysis: VirusTotal, Hybrid Analysis, Any.Run. Frameworks: MITRE ATT&CK, Cyber Kill Chain. Forensics Tools: Sysinternals Suite, Wireshark (for packet analysis). Deliverables: Detailed PDF Report of Findings Identified Threats and Severity Levels Recommended Security Actions Screenshots or Logs (if needed) Optional: Foll...
Splunk & Spring Boot Code not Attached
Splunk & Spring Boot Code not working
I need to turn live network-traffic logs already streaming into Splunk into clear, actionable alerts so my team can detect and respond to incidents in real time. The core of the job is to transform raw data into reliable detections, surface them through concise dashboards, and fine-tune everything until false positives are at an absolute minimum. What you’ll actually do here starts with making sure the data is correctly onboarded and CIM-compliant. From there you will craft correlation searches that spot suspicious patterns, wire those searches to alert actions, and provide an easy-to-read visual layer my analysts can work from. If you have hands-on experience with Splunk Enterprise Security, custom SPL, notable events and adaptive response actions, you’ll feel r...
...track where data originated, how it was handled, and who interacted with it - Ability to classify sensitive data even when no obvious content pattern exists (e.g., images, source code, CAD files, compressed/encrypted data) - Real-time detection and prevention of data exfiltration across multiple channels (email, cloud, USB, endpoints, SaaS apps) - Integration points with SIEM/XDR platforms (e.g., Splunk, Elastic, Wazuh) - Insider risk detection combining behavioral analysis + data awareness - User education features (e.g., real-time popups when risky behavior occurs) - Modern UI/UX for security teams (dashboard, visualization of lineage, incident investigations) Ideal partner: - Proven experience in cybersecurity software, preferably DLP, insider risk, or UEBA - Strong knowled...
I need an experienced Splunk engineer who can turn raw Windows Event Logs and Application Logs into clear, actionable dashboards. You should be fully comfortable crafting SPL searches, optimizing them for performance, and transforming the results into drill-down visualizations that help me spot issues at a glance. Because this environment is governed through Windows Group Policy, your solution must respect existing GPO settings and, where necessary, show me how to adjust them so that the data I need is consistently forwarded and enriched in Splunk. Scope of work • Design and build interactive dashboards fed by real-time Windows Event Logs and Application Logs. • Write and document the underlying queries so I can maintain or extend them later. • Valida...
...and improve productivity across my daily workflow. The tools in scope are: Salesforce – Case creation, analysis card creation, JIRA tech engagement, client communication, KB article creation JIRA – Project code fix analysis tracker and release Bitbucket – Client VMs, code backup, pipeline deployments Microsoft SQL Server – Client DB backups Teams – Office chats Glowroot – Application monitoring Splunk – Log monitoring & analysis Outlook – Email communication What I Need: AI-driven concepts that can automate repetitive tasks (case triage, knowledge base drafting, log correlation, release risk analysis, etc.). A working POC/demo (if you already have something built) would help me decide quickly. A clear implementation proposal: ...
I need to bring several data sources together, automate their ingestion, and surface the results through clear, reliable dashboards. The immediate priorities are: • Data integration – pipe logs, metrics, and business data from the existing systems into Splunk, Power BI, and Grafana with minimal latency and full schema integrity. • Dashboard creation – design and publish interactive, drill-down views that highlight key KPIs for engineering and non-technical stakeholders alike. Splunk will handle heavy log analytics, Power BI will serve executive-level reporting, while Grafana will visualise real-time metrics. Python scripting is the glue for automation: scheduled ETL jobs, API pulls, and alert routing. If you’ve previously wired complex dat...
Job Posting: Network Security Dashboard & Policy Standardization Support I am seeking an experienced Network Security Engineer/Analyst to help with two main projects: 1. Dashboard Consolidation Currently, we manually capture and email screenshots of dashboards from Zscaler ZIA/ZPA and WAF. We want to automate this process and integrate the dashboards into a single-pane view using Splunk, Grafana, or Power BI. The freelancer should guide us on the best approach, set up API integrations, and build reusable dashboards (traffic analysis, threat visibility, user activity, etc.). 2. Policy Standardization Across Tenants We manage multiple tenants. The goal is to ensure firewall and ZIA/ZPA policies in the sub-tenants replicate the baseline configuration of the master tenant. This i...
...Maven, Artifactory) Proficiency in Bitbucket/Git for source control Strong knowledge of Infrastructure-as-Code (IaC) and automation frameworks Experience with monitoring and observability tools (CloudWatch, Prometheus, Grafana) Familiarity with Terraform for infrastructure provisioning (strong advantage) *Mandatory Skills* (XLR Required) XLR (XL Release / Release) Dynatrace Splunk AWS Soft Skills Strong problem-solving and troubleshooting ability with a full-stack mindset Excellent communication and collaboration skills across global teams Ability to thrive in fast-paced, high-stakes environments with multiple priorities...
...Kubernetes across various environments. 5+ years of experience with Linux operating systems and container orchestration. 3+ years of experience with infrastructure automation tools like Ansible, Terraform, or equivalent. 3+ years of experience with Agile, CI/CD, DevOps concepts, including tools such as Jenkins, GitLab, or Tekton. 3+ years of experience with monitoring, logging, observability tools (Splunk, Grafana, AppD, New Relic, Elastic, Open Telemetry). 3+ years of experience with cloud platforms (AWS, Azure, GCP) and hybrid infrastructure setups. 3+ years driving architectural discussions and serving as a Subject Matter Expert (SME) for high visibility cloud initiatives to ensure solutions are designed for successful deployment, security, cost effectiveness, and high availab...
I’m currently looking for Cloud Operations and Securi...Infrastructure provisioning (IaC: Terraform, CloudFormation) CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) Cloud platforms (AWS, Azure, GCP) Kubernetes, Docker & container orchestration Monitoring & alerting (Prometheus, Grafana, CloudWatch) SecurityOps: Threat detection & incident response Vulnerability scanning & patching IAM, policy enforcement & zero-trust architectures SIEM/SOAR tools (Splunk, ELK, Sentinel) Compliance (ISO 27001, SOC2, HIPAA-ready setups) Tools & Tech: AWS, Azure, GCP, Linux, Terraform, Ansible, Kubernetes, Docker, Git, Jenkins, CrowdStrike, Wazuh, etc. If you have a project that needs solid infrastructure or improved security posture—let’s talk...
...Management: Ansible, Jinja2, YAML, JSON Infrastructure as Code (IaC): Terraform (AWS, Azure, VMware, Heroku, OpenStack) Containerization: Docker, Portainer UI Container orchestration Tools: Kubernetes (K8s), Docker Compose, Docker Swarm, Helm Charts Image Creation: Packer (AWS AMIs) Version Control: Git, CVS, Perforce, SVN CI/CD: Jenkins, GitHub Actions, GitLab Log & Metrics Analysis: ELK Stack, Splunk, Prometheus, Grafana Security Vulnerabilities: Tenable Artifact Repositories: Nexus, JFrog Artifactory Scripting & Utilities: Python, Bash, Perl, PHP System Monitoring: Nagios, Zabbix, Pingdom Production Support & SaaS: AWS, Heroku, ECS, EKS, Okta, Sentry, Pingdom, 1Password, Fastly, CloudFlare Other Technologies: SQL, PL/SQL, Oracle, C, Shell Scripting (SH, KSH, CSH, ...
...Reliability Engineering experience Programming: Expert-level Python, Bash, or Java skills Cloud Platforms: Extensive AWS & Azure experience with architecture expertise Operating Systems: Deep Linux/Windows administration and networking Containerization: Advanced Docker & Kubernetes hands-on experience Infrastructure as Code: Terraform, CloudFormation, or Azure CLI proficiency Monitoring: Experience with Splunk, New Relic, or Azure Monitoring tools CI/CD: GitHub, GitHub Actions, and deployment pipeline expertise AI/ML Support: Azure ML, Databricks, and related SaaS tools experience Preferred Qualifications: AWS/Azure cloud certifications (Solutions Architect, DevOps Engineer) Microservices architecture with AI/ML solutions experience Large-scale distributed systems manag...
I need an experienced Splunk Admin with Cribl expertise to enhance our data analytics capabilities. Key Tasks: - Set up and manage Splunk infrastructure and Cribl. - Understanding Splunk Admin - Troubleshooting on dual routing, where servers send data to two different Splunk environments Ideal Skills: - Proficiency in Splunk and Cribl. - Strong data analytics background. - Excellent troubleshooting skills. - Experience with integrating multiple data sources.
...Design settlement/reconciliation processes across partners and NPCI. Security & Compliance Ensure adherence to RBI/NPCI rules, PCI-DSS, ISO 20022, HSM encryption, certificate management, 2-way SSL. Review for vulnerabilities and authorize pen‐tests. Operational Excellence Architect for high availability, disaster recovery, and capacity planning. Define observability (Prometheus/Grafana, ELK, Splunk) and implement CI/CD pipelines, infrastructure-as-code. Mentoring & Collaboration Guide engineers via design reviews, best practices, and documentation. Liaise closely with product stakeholders to shape requirements into secure, scalable systems....
...to assist with the implementation and management of Security Information and Event Management (SIEM) systems, with a particular focus on Splunk. My primary needs are in system setup, configuration, and ongoing monitoring and maintenance to ensure robust security operations. Key Requirements: - Expertise in SIEM implementation, particularly with Splunk - Proficient in setting up and configuring SIEM systems - Experience in ongoing monitoring and maintenance of security systems - Ability to analyze and respond to security incidents effectively Ideal Skills and Experience: - Strong background in cybersecurity and SIEM solutions - Proven experience with Splunk setup and management - Familiarity with best practices in security monitoring and incident response - Excelle...
I need an experienced Splunk developer to assist in creating web-based software. Key Requirements: - Expertise in Splunk - Experience in developing web-based software - Strong problem-solving skills - Ability to work collaboratively Ideal Skills & Experience: - Proficiency in data analytics and visualization - Background in software development - Familiarity with web technologies and frameworks Please provide examples of past work and relevant experience.
... Nikto What to do: Scan a test network (use your own lab or a platform like TryHackMe) Identify open ports, misconfigurations, and vulnerabilities Create a professional-style report with findings and mitigation Why it matters: Shows your knowledge of real-world assessment tools and documentation. 2. Log Analysis & Incident Detection Tools: Splunk (free tier), ELK Stack, Wireshark What to do: Use logs from simulated attacks (via Splunk or Blue Team labs) Detect suspicious activity (e.g., brute force, privilege escalation) Write a summary of what you found and how you'd respond Why it matters: Demonstrates skills in SIEM, which most employers use. 3. Phishing Email Analysis Tools: Any email header analyzer, VirusTotal, sandbox tools What to do: Di...
...ongoing project for at least a year. The role involves developing new features, maintaining the existing system, and implementing CI/CD pipelines. Key Responsibilities: - AWS: Working extensively with all AWS services like EC2, Lambda, Step Functions, S3, Glue, and CloudWatch and others as well. - Terraform: Expert level for Infrastructure as Code (IaC). - DevOps: Utilizing tools like DataDog and Splunk, CloudWatch - Postman/Bruno for API testing. - CI/CD deployment with Jules/Spinnaker. Ideal Skills and Experience: - Core Java (11, 17, 21) with 6+ years of proficiency. - Strong experience with JUnit, Mockito, Spring Boot, and Spring. - Minimum of 2 years in AWS and DevOps roles. - Expert in Terraform. Work Commitment: - 2-5 hours of work; monthly/bi-weekly payments. - Availa...
...are stretched thin reacting to issues rather than anticipating them. The cost isn’t just in MTTR—it’s in missed opportunities and eroded trust. That’s why we need to elevate how we monitor and manage complexity.” Slide 2: Why OpenTelemetry—Why Now Slide Title: Unifying Observability with Open Standards Visual Mockup: • Central node labeled “OpenTelemetry” • Radiating lines to logos: AppDynamics, Splunk, Grafana, Azure, AWS • Icons for logs, metrics, and traces Bullet Content: • Open-source, vendor-neutral framework • Standardizes collection of traces, logs, and metrics • Works across cloud, on-prem, and hybrid setups Speaker Notes: “OpenTelemetry breaks the silos by providing one unified language...
...+ WeasyPrint 5. Architecture: Fully modular with plugin support (e.g., separate classes for Telegram, TOR, Pastebin) Configurable via YAML (no need to modify code to change sources or keywords) Clean and secure async architecture using asyncio and aiohttp All credentials stored securely and full audit trail for API access 6. Integration: Provide webhooks and support for SIEM systems (Elastic, Splunk) Tech Stack: Python 3.11+ Asyncio / Aiohttp SpaCy or NLTK Stem, requests[socks] Jinja2 + WeasyPrint Slack SDK, pymsteams, smtplib YAML + Pydantic for config Deliverables: Full source code in a clean modular structure Deployment instructions (README) Sample config file (YAML) Documentation (internal structure + plugin dev guide) Bonus Points: Experience working with darknet threat in...
• Architected a highly available API hosting platform tailored for seamless healthcare data management, ensuring optimal scalability and fault tolerance. • ...with AWS KMS, safeguarding sensitive medical records. • Integrated API Gateway with Lambda functions to streamline request handling and enable dynamic scalability. • Configured AWS Auto Scaling Groups (ASG) and Load Balancers (ALB, NLB) to handle variable workloads and ensure uninterrupted service. • Established comprehensive monitoring and logging with AWS CloudWatch, Grafana, Prometheus, and Splunk, enhancing incident response and performance tracking. • Designed a disaster recovery strategy leveraging AWS Backup, cross-region replication, and S3 versioning, ensuring data durability and co...
I need help setting up log ingestion from network devices (routers, switches, firewalls) into our existing Splunk deployment. Key tasks include: - Configuring log ingestion from specified network devices. - Creating custom alerts for: - Failed logins - System errors - Service failures - Any suspicious traffic - Utilizing ML and algorithms for enhanced event tracking - Building dashboards for visualizing system health and threat alerts - Implementing automation for predefined alerts (e.g., email notifications, executing scripts) - Documenting the entire setup and providing basic training or handover instructions Ideal Skills and Experience: - Proven experience with Splunk in real-world environments - Strong understanding of SPL (Search Processing Language) - Capabil...
...thrive in a fast-paced environment and enjoy solving authentication and access issues across enterprise systems, this role is for you! ⸻ Responsibilities: • Provide L2/L3 support for PingFederate SSO and identity integrations • Troubleshoot issues related to OAuth 2.0, OIDC, SAML, and JWT tokens • Assist application teams in resolving API access and login failures • Analyze logs using Postman, Splunk, and PingFederate diagnostic tools • Debug Java Spring Boot backend APIs related to identity integration • Work with LDAP/Active Directory for user validation and access issues • Document issue resolutions, RCA reports, and process enhancements ⸻ Required Skills: • 3+ years in an IAM support or engineering role • Experience wi...
...deployment velocity. Collaborate with a global team across various time zones. Share knowledge, mentor junior engineers, and improve team processes. Participate in on-call rotation and perform occasional off-hours work when needed. Required Skills Operating System: Linux Scripting: Shell scripting IT Frameworks: ITIL / ITSM Database: PL/SQL Monitoring & Troubleshooting: Experience with tools like Splunk, Dynatrace, or similar CI/CD Tools: Jenkins (basic), Groovy/YAML scripting (basic) Version Control: Git, Bitbucket (basic) API Support: REST and Web API Cloud: Experience supporting cloud-based applications Nice to Have Automation Tools: Ansible, Chef Architectural Knowledge: Event-driven architecture / Event framework familiarity...