AVP Splunk Engineer (SOC Engineering) – Contract to Perm

Posted 2 days ago by Bonhill Partners

£400 Per day
Inside IR35
Hybrid
London Area, United Kingdom

Summary: The AVP Splunk Engineer role is a contract-to-permanent position within a global investment bank's SOC Engineering team, focusing on enhancing security monitoring and detection capabilities using Splunk. The role requires hands-on engineering skills to optimize platform performance and improve operational insights. Candidates will have the opportunity to transition into a long-term AVP-level position. The working arrangement is hybrid, with a mix of on-site and remote work post-conversion.

Key Responsibilities:

  • Support and optimise enterprise-scale Splunk environments (indexers, search heads, forwarders)
  • Develop and enhance dashboards, alerts, and reporting for SOC and operational teams
  • Work extensively with Splunk ITSI to improve monitoring, service visibility, and incident detection
  • Onboard, normalise, and improve new log sources across multiple systems
  • Support platform upgrades, tuning, and performance optimisation
  • Integrate Splunk with wider security tooling (including Darktrace)
  • Automate administrative and operational tasks using Python, Bash, or PowerShell

Key Skills:

  • Strong Splunk engineering / administration experience at scale
  • Hands-on experience with Splunk ITSI
  • Background in SOC, SIEM, or security monitoring environments
  • Understanding of detection engineering and operational security use cases
  • Experience building dashboards, alerts, and log ingestion pipelines
  • Scripting or automation experience (Python, Bash, PowerShell)
  • Exposure to Darktrace or similar security tools (nice to have)
  • Experience in financial services or large enterprise environments (nice to have)
  • Familiarity with broader observability tooling (nice to have)

Salary (Rate): £400/day

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

London (Moorgate) | Hybrid (4 days onsite to 2–3 days post-conversion) | £400/day (contract) - £85,000 AVP base + benefits + bonus (perm)

Global Investment Bank

We’re supporting a leading global investment bank in hiring an AVP Splunk Engineer within their SOC Engineering function. This is a contract-to-permanent opportunity, offering immediate impact in a high-performance security engineering environment, with a clear route into a long-term AVP-level role.

The Role

You’ll be joining a specialist SOC Engineering team responsible for enhancing the organisation’s security monitoring, detection, and observability capabilities across a large-scale enterprise Splunk estate. This is a hands-on engineering role focused on improving platform performance, data quality, and operational insight across security and infrastructure environments.

Key Responsibilities

  • Support and optimise enterprise-scale Splunk environments (indexers, search heads, forwarders)
  • Develop and enhance dashboards, alerts, and reporting for SOC and operational teams
  • Work extensively with Splunk ITSI to improve monitoring, service visibility, and incident detection
  • Onboard, normalise, and improve new log sources across multiple systems
  • Support platform upgrades, tuning, and performance optimisation
  • Integrate Splunk with wider security tooling (including Darktrace)
  • Automate administrative and operational tasks using Python, Bash, or PowerShell

What We’re Looking For

We’re looking for a hands-on Splunk engineer with strong enterprise experience and a focus on security monitoring environments.

Core experience:

  • Strong Splunk engineering / administration experience at scale
  • Hands-on experience with Splunk ITSI
  • Background in SOC, SIEM, or security monitoring environments
  • Understanding of detection engineering and operational security use cases
  • Experience building dashboards, alerts, and log ingestion pipelines
  • Scripting or automation experience (Python, Bash, PowerShell)

Nice to have:

  • Exposure to Darktrace or similar security tools
  • Experience in financial services or large enterprise environments
  • Familiarity with broader observability tooling

Package & Structure

  • Initial 3–6 month contract with strong intent to convert to permanent
  • £400/day contractor rate
  • Permanent AVP role: up to £85,000 base + bonus + benefits
  • Hybrid working model (4 days onsite initially, reducing post-conversion)