I work as a freelancer (independent consultant) designing and building Splunk (SIEM/Big Data) based use cases and processes for security teams (SOC, MSSPs, CERTs, Incident Response teams).
What can I deliver?
- Quickly demonstrate the value of Splunk/ES by delivering actionable content: alerts, reports/dashboards;
- Help your team design and establish Agile (Scrum) workflows and processes around custom content development, which serve as the main driver to uncover new detection strategies and use cases;
- Coach and support Security Hunters on how to leverage Splunk data to write rules and translate hypotheses into SPL code (workshops);
- Build custom interactive interfaces and dashboards not yet available in the Enterprise Security App (e.g., key SOC metrics) and address other ES shortcomings;
- Work as a senior SOC advisor given the amount of experience and leadership in the area accumulated over the years working for many SecOps teams.
I’m an Information Security professional with over 15 years of experience, including projects delivered to large-scale clients with mission-critical environments (mainly Financial and Telecom).
The last 5-6 years have been dedicated to security engineering and Use Cases design and development (SIEM, ArcSight, Splunk).
Feel free to reach out: