SIEM / Splunk Administrator & Platform Engineer

Our Internal Business Application Centre (IBACentre) team supports core business functions by implementing applications for efficient work and top-notch service delivery. The team manages core and global business applications, ensuring continuous operation, customer relationship management, and precise incident handling.

• At least 1 year experience in Splunk Enterprise / SIEM administration and management.
• Demonstrated knowledge of SIEM solutions and data analytics tools, particularly Splunk.
• Good understanding of networking principles, traffic analysis, and operating systems (Windows & Unix/Linux), including TCP/IP and DNS resolution.
• Proficient with traffic analysis and troubleshooting tools such as Wireshark, TCPdump, and Name lookup.
• Strong competence in Linux/UNIX environments, including scripting skills with Regular Expressions.
• Hands-on experience deploying and operating Splunk or other SIEM solutions; Splunk certifications are highly desirable.
• Understanding of security domain applications and their integration within SIEM frameworks.
• Strong written and verbal communication skills in English.

SIEM Platform Management & Administration:

• Monitor, administer, and optimize the Splunk Enterprise platform for efficient log management and effective SIEM.
• Conduct regular Splunk infrastructure and ingestion health checks to maintain a robust environment.
• Ensure Splunk Enterprise instances remain operational 24/7 to serve customers.

Troubleshooting & Problem Solving:

• Actively identify issues using monitoring tools, investigate root causes, troubleshoot, and fix Splunk platform issues related to log source outages, parsing errors, time discrepancies, and user problems.
• Conduct Root Cause Analysis (RCA) to address recurring issues and improve problem mitigation.

SIEM Configuration Management & End-user Support:

• Support deployment and configuration of Splunk solutions at the enterprise level.
• Manage end-user service requests, oversee Splunk access control, and enforce access restrictions.
• Maintain optimal platform performance through consolidation, cleanup, and configuration adjustments.

Innovation, Analytics, & Continuous Improvement:

• Implement innovative solutions to improve efficiencies, automate processes, and integrate emerging technologies to optimize performance.
• Leverage machine learning and AI for advanced analytics, predictive models, and strategic data-driven visualizations.

Migration & Collaborations:

• Handle SIEM server offboarding and migration, managing Cloud/On-prem Splunk forwarders and log source migration projects.
• Collaborate with global teams including cybersecurity, IT, and business units to streamline processes and enhance platform stability.

Your personal data will be processed for recruitment purposes by PwC Advisory spółka z ograniczoną odpowiedzialnością sp.k. or another PwC entity running the recruitment process. Full information about data processing is available in the Privacy Policy.