Splunk Security Architect

Summary: The role of Splunk Security Architect involves working on-site in London for two days a week over a 9-month contract. The primary focus is on producing architecture diagrams, configuring Splunk in line with CSOC standards, and engaging in technical discussions related to Splunk and cybersecurity. The position requires strong SIEM engineering skills, particularly with Splunk SaaS, and AWS infrastructure experience.

Key Responsibilities:

• Produce Architecture diagrams, high level and low-level design documents.
• Configuration of Splunk with use cases in line with CSOC standards.
• Configuration of Splunk as part of onboarding CNI and all other systems.
• Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues etc.
• Attend technical workshops, represent the project at key meetings such as the ADF, TDAs etc.
• Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc.

Key Skills:

• SIEM Engineering and Architecture skills, specifically in Splunk SaaS.
• Full end to end experience of delivery life cycle experience for improvements to Splunk SaaS.
• Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels.
• Good communication, reporting, documentation and presentational skills.
• AWS Infrastructure skills for the configuration of EC2 Servers, S3 buckets etc.

Salary (Rate): undetermined

City: London

Country: UK

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT