TRIPLE H

www.triplehgroup.co.za

1 Job

39 Employees

About the Company

Triple H have built a reputable business on relationships with vendors and customers alike. Our main aim is building a trusted brand that customers can rely on. With all the necessary skills, from automated and integrated procurement all the way to the design, implementation and maintenance of large-scale production workloads, we have the right knowledge and skill to advise and guide our customers on making the right investment. We service some of the most reputable organisations in South Africa, with branches in both Johannesburg and Cape Town and hosted facilities at four separate locations in South Africa. We have a direct DellEMC agreement with Platinum partner status, which gives us the ability to design, implement and certify DellEMC datacenter installations. Our automated procurement streamlines internal processes, especially for large companies with numerous branches, making it easy to track and manage all orders centrally. Every member of our team is a valuable asset. We believe in building and empowering individuals, giving them the engine to be creative and apply their knowledge by learning in a stress-free environment, and inspiring others to be better than what they think they are.

Listed Jobs

Company Name
TRIPLE H
Job Title
Cybersecurity Consultant – SIEM Splunk Integration & Detection (F/M)
Job Description
**Job Title**

Cybersecurity Consultant – SIEM Splunk Integration & Detection

**Role Summary**

Drive end-to-end SIEM projects focused on Splunk integration and advanced threat detection. Translate risk and operational requirements into custom detection rules, dashboards, and playbooks, and maintain the platform's performance and relevance.

**Expectations**

* Own the full lifecycle of detection rule development from business requirement to production.
* Ensure accurate log ingestion, normalization (CIM) and enrichment across diverse sources.
* Deliver actionable insights to operational teams through dashboards, alerts, and automated playbooks.
* Continuously optimize the SIEM environment for efficiency, coverage and alert relevance.
* Mentor and train users on effective SIEM exploitation.

**Key Responsibilities**

1. Analyze risk and threat data to derive detection rules.
2. Design, develop, test, and deploy correlation rules in Splunk Enterprise Security.
3. Collect, normalize (CIM), and enrich logs from Linux, Windows, network devices and Active Directory.
4. Build dashboards, alerts and playbooks for SOC and business teams.
5. Maintain and tune SIEM performance and detection effectiveness.
6. Conduct product and threat landscape monitoring; identify new risk observables.
7. Train internal and client teams on SIEM operations.

**Required Skills**

* Expert SPL and Splunk Enterprise Security.
* Proven track record in crafting detection rules from concept to production.
* Deep knowledge of modern threat models (MITRE ATT&CK, kill chain).
* Proficiency with log formats: CEF, XML, JSON, Syslog.
* Strong foundation in Linux & Windows systems, networking, and Active Directory.
* Scripting proficiency: Python, Bash, Regex, SPL.
* Analytical mindset, autonomy, meticulousness and effective communication skills.

**Required Education & Certifications**

* Bachelor's (Bac+3) to Master's (Bac+5) in Cybersecurity, Computer Science or related field.
* Significant experience developing detection rules or as a SOC N2/N3 analyst.
* Desired certifications: Splunk Core / Certified Power User / Splunk Certified Cybersecurity Defense Analyst, LogPoint Certified, GCIA, Blue Team Level 1/2, or equivalent.
Tremblay-en-France, France
On site
20-01-2026