Description
Job Title: Splunk Security Engineer
Contract: 6 months - Inside IR35
The Opportunity:
- The role requires the candidate to participate in, and jointly take responsibility for, the successful implementation of security operations requirements into solutions.
- The successful candidate will work closely with on-shore and off-shore development and run teams.
- Take the lead on the design, development, and delivery of product roadmaps to support the evolution of core security services, aligning deliveries to the client's strategy.
- Strong technical expertise is required for the role.
- The candidate will follow technical practices and strive for technical excellence both in security and software development.
- Build a strong working relationship with Cyber Operations teams and help them define requirements.
Skills and Experience:
- A high degree of (hands-on) technical guidance & vision with broad subject matter expertise in security technologies, specifically SIEM and UEBA.
- Career-proven history of supporting, and holding lead roles within, the following security technology toolsets:
- Splunk Enterprise Security and Splunk Enterprise
- Strong knowledge of Splunk architecture and distributed components (indexer clusters, forwarders, search head clusters, deployment servers, DMCs)
- Strong knowledge of Splunk Enterprise Security at administration and use case level
- Understanding of the Common Information Model
- Strong knowledge of data models, enrichment and automation
- Experience in integrating SIEM and UEBA with other Cyber tooling
- A good knowledge of the Linux Server platform.
- Understands the requirements of governance in a large financial environment, particularly around Change Management, Risk Management, handling major and minor incidents, Disaster Recovery planning/testing and meeting requirements of rigorous Audit mandates
- Strong knowledge of security network architectures (e.g. firewalls, DMZ, proxies, DNS, web and mail servers) and the principles of network
- Exposure to cloud technologies, AWS, Azure and SaaS-based security solutions