Splunk Security Architect

Summary: The Splunk Security Architect will work with a large government department on an initial 9-month contract, focusing on the configuration and architecture of Splunk systems in a hybrid working environment. The role requires active SC Clearance and involves producing design documents, configuring infrastructure, and participating in technical discussions. The position emphasizes the need for SIEM engineering skills, particularly in Splunk SaaS, and experience in improving Cyber Security Operations Centre functions. Strong communication and AWS infrastructure skills are also essential for success in this role.

Key Responsibilities:

• Produce Architecture diagrams, high level and low-level design documents.
• Configuration of Splunk with use cases in line with CSOC standards.
• Configuration of Splunk as part of onboarding CNI and all other systems.
• Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues etc.
• Attend technical workshops, represent the project at key meetings such as the ADF, TDAs etc.
• Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc.

Key Skills:

• SIEM Engineering and Architecture skills, specifically in Splunk SaaS.
• Full end to end experience of delivery life cycle experience for improvements to Splunk SaaS.
• Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels.
• Good communication, reporting, documentation and presentational skills.
• AWS Infrastructure skills for the configuration of EC2 Servers, S3 buckets etc.

Salary (Rate): £800

City: London

Country: UK

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT