I will build your Sentinel or Splunk SIEM
About this Gig
I am a cyber security analyst with 3 years of experience across 2 different SOC teams. I specialise in designing effective Sentinel and Splunk SIEMs that monitor for threats relevant to your business. I want to empower your IT/cyber team to detect and contain threats as quickly as possible.
I have real industry SecOps experience in:
- Monitoring and triaging security alerts
- Responding to and containing security threats
- Creating playbooks and automating workflows
- Deploying and configuring SIEMs
- Writing custom detection rules, queries and threat hunts using KQL and SPL
- Tuning alerts to improve signal-to-noise ratio
Bespoke Projects
For more complex projects or general consultation, please contact me directly via Fiverr and I can offer a quote.
FAQ
Do I need an Azure/Splunk subscription?
Yes, you will need a subscription or license for whichever platform you want to use.
What information do I need to provide to get started?
Once you place an order, I will send you a form requesting info such as your chosen SIEM platform, the log sources you want to connect and any compliance requirements.
Is my data safe during the engagement?
Yes. I work directly within your environment using access credentials you provide - no data is copied, downloaded, or stored outside your own systems. I'd recommend creating a dedicated admin account for the engagement with only the permissions needed, and revoking it once the work is complete.
How do I know the SIEM is working correctly after setup?
Every delivery includes a summary document outlining what was configured, which data sources are connected, and what each detection rule is designed to catch. For Standard and Premium packages, I'll also walk you through the dashboard live so you can see alerts firing in real time.
What data sources do you recommend onboarding?
Most businesses will have some or most of the following:
- Servers and applications
- Endpoint logs (via Defender)
- Microsoft Entra and Active Directory
- Email logs
- Firewall logs
- Cloud infrastructure
- File sharing service
- Websites
- Databases
