Challenging

www.challenging.cloud

1 Job

7 Employees

Company Name
Challenging
Job Title
Cyberdefense – Splunk Expert (GSOC)
Job Description
Job Title
Cyberdefense – Splunk Expert (GSOC)

Role Summary
Responsible for managing and optimizing large-scale Splunk deployments (~8 TB/day) to support a Global Security Operations Center (GSOC). Develop and maintain ingestion pipelines, dashboards, and detection rules; automate alerts through Python scripting; collaborate with CERT and SOC teams in French and English; and participate in scheduled on-call duties.

Expectations
• Minimum 4 years of hands-on Splunk administration (Enterprise Security, IT Service Intelligence, Cloud, SC4S).
• Proven experience designing detection rules and automating workflows with Python.
• Strong understanding of ticketing systems, SLA management, and incident response processes.
• Fluent in written and spoken English and French.
• Willingness to serve 1 week per month on the on-call rotation.

Key Responsibilities
1. Administer, tune, and scale Splunk environments to handle high data volumes.
2. Design, deploy, and monitor data ingestion pipelines for security telemetry.
3. Build and refine dashboards, visualizations, and reporting for SOC analysts.
4. Create, test, and update detection rules and correlation searches to identify threats.
5. Develop and maintain Python scripts for automating data enrichment, alert suppression, and ticket creation.
6. Collaborate with CERT, SOC, and other security teams to respond to incidents and improve detection coverage.
7. Participate in the monthly on-call rotation, ensuring rapid response to alerts and system issues.

Required Skills
• Splunk Enterprise, Splunk ES, Splunk ITSI, Splunk Cloud, and Splunk SC4S administration.
• Advanced proficiency in Splunk Search Processing Language (SPL).
• Python programming for data manipulation, automation, and API integration.
• Experience with ticketing systems (e.g., ServiceNow, Jira) and SLA tracking.
• Strong analytical, problem-solving, and communication skills in English and French.

Required Education & Certifications
• Bachelor's degree in Computer Science, Information Security, or a related field (preferred).
• Splunk Certified Enterprise Search Admin / Splunk Certified Security Practitioner (preferred, but not mandatory).
Aix-en-Provence, France
On site
30-10-2025