Description
We are a Global IT Recruitment specialist that provides support to the clients across UK, Europe, and Australia. We have an excellent job opportunity for you.
Job title: Splunk SME
Contract: 01 months
Location: Remote with occasional travel to at client site in Warwick. Potentially also Farnborough/Corsham
Job Description:
A Splunk SME to manage and optimize log management and SIEM environment. Will configure and maintain Splunk Heavy Forwarders, Windows Event Collectors, and Syslog Aggregators to ensure efficient log collection, analysis, and correlation. The focus will be on normalizing data, configuring event sources for various devices (Cisco, Palo Alto, F5, Fortinet, HPE, VMs), and developing event correlation rules, alerts, and dashboards to support our CSOC. This role requires a strong understanding of Linux, Windows, and networking logging concepts.
Essential Skills:
Proven experience with Splunk Heavy Forwarders on Linux platforms.
Strong understanding of Windows Event Collector Services (WEC).
Hands-on experience with Syslog Aggregators.
Expertise in log management and forwarding best practices.
Desirable Skills:
Experience implementing Splunk environments to CIS Level 1 and Level 2 standards.
Familiarity with Red Hat Enterprise Linux Server.
Knowledge of forwarding events to Splunk Enterprise and ServiceNow platforms.
Experience integrating Splunk with SolarWinds.
Understanding of Reliable Event Logging Protocol (RELP).