Splunk Consultant: Analytics and Security

Enjoy working with data, logs, and Splunk? Help build the data pipelines and analytics that support mnemonic’s security services.

We are seeking a Splunk Consultant for our MDR Professional Services department in Oslo. The role combines work on the Splunk platform, development of SPL searches and dashboards, as well as work related to data ingestion and data pipelines.

Your responsibilities will include

- Managing and developing Splunk Enterprise and Splunk Cloud
- Developing dashboards, reports and visualisations
- Building and maintaining SPL searches, saved searches, alerts and other Splunk content
- Integrating new data sources and data pipelines
- Optimising data ingestion, parsing and structuring of log data
- Collaborating with analysts and technical teams to develop new use cases

An important part of the role will be contributing to the data foundation and Splunk content used in our Managed Detection and Response (MDR) services. At the same time, you will also work with other use cases where Splunk is used for analytics, business processes and operational insight for and with our customers.

Many of the environments we work in have a hybrid architecture where multiple logging and analytics platforms are used in parallel. Customers may use different SIEM, observability and logging platforms such as Splunk, Microsoft Sentinel or similar services in AWS and GCP, each serving different purposes.
As a result, the role also involves working with integrations, data pipelines and data flows between these platforms:

- Splunk Enterprise, Splunk Cloud and Microsoft Sentinel
- Log collection from infrastructure, applications and security products
- Splunk Universal Forwarder, Heavy Forwarder and Splunk Edge Processor
- Data pipelines and log processing using tools such as Cribl
- Filtering, transformation and enrichment of log data before indexing
- Integration with cloud logging services such as Azure Analytics, AWS CloudTrail and CloudWatch
- Working with security logs from cloud platforms and SaaS services
- Integrations and data exchange with other analytics and security platforms such as Microsoft Sentinel, Google Chronicle and Amazon Security Lake
- API-based integrations and data collection from external systems
- Structuring, normalisation and optimisation of log data for analysis
- Working with indexing, data models and searchability in Splunk

Who we are looking for

Our ideal candidate is someone who:

- Has a minimum of a few years of experience with Splunk, Microsoft Sentinel or similar analytics platforms
- Has experience working with log data, data ingestion or data platforms
- Has experience building dashboards, SPL searches or reports
- Is comfortable with technical troubleshooting and problem solving
- Is interested in how data can be used for analytics, operations or security

It is an advantage if you also have experience with:

- Cribl or other data pipeline tools
- Cloud platforms such as AWS, Azure or GCP
- Linux
- Python or other scripting languages

Certifications in Splunk or cloud platforms are not required, but relevant experience and an interest in continuing to develop your skills are important.
What we can offer

- An informal and pleasant working environment, with good opportunities for personal development and varied tasks
- A unique and experienced environment, with more than 300 security specialists who daily work on some of the most challenging and exciting professional issues within information security
- Competitive salary, share program, and bonus scheme, providing a basis for a long-term employment relationship, including pension and insurance schemes
- A safe working environment with a focus on social gatherings and events. We actively encourage an inclusive working life with a good balance between work and private life, adapted for families
- Pleasant offices at Solli Plass in Oslo, and good opportunities to work from home
- A workplace that time and again has been named one of the best in Norway and Europe

Department: MDR Business and Customer Development
Locations: Oslo
Remote status: Hybrid
Position type: Full time

Oslo

About mnemonic

mnemonic responds to the region’s most serious cyberattacks. We work side by side with Europe’s most important organisations and critical infrastructure to protect them from the cyberattacks they see today, and what they can expect to see tomorrow. At more than 400 employees, we are amongst the largest cybersecurity companies in Europe, and continue to grow rapidly in Norway and internationally. In addition, we are continually ranked by Great Place to Work as one of Norway’s and Europe’s top workplaces.

Founded in: 2000
Co-workers: 450
Turnover: 1.100 million NOK