Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.
About the Role:
As a Splunk Engineer, you’ll join a growing team of passionate Splunk specialists who love solving real problems with smart, scalable solutions. You’ll be hands-on from day one—designing and deploying new Splunk environments, onboarding critical data sources, building meaningful dashboards, and enhancing SIEM capabilities that make a real difference to our customers’ operations.
You won’t be doing this alone. You’ll be part of a supportive, collaborative team where knowledge-sharing is the norm, and you’ll have access to training, mentoring, and the guidance you need to earn certifications and deepen your technical expertise. This is an opportunity to help shape how Splunk is used across our business—bringing new ideas, driving best practice, and influencing the future of our data and security landscape.
We were recently recognised as Splunk’s UK Partner of the Quarter, reflecting the depth of our expertise and the outcomes we’re delivering for customers. It’s an exciting time to join as we continue to grow and expand our Splunk capability.
As a Splunk Engineer, you will:
* Deliver high-quality Splunk implementations for our customers, ensuring solutions are robust, scalable, and aligned to their operational needs.
* Work closely with customers to help them maximise the value of their Splunk investment, advising on best practice and guiding them toward meaningful insights.
* Design, build, and refine dashboards, alerts, and reports that translate complex data into clear, actionable intelligence.
* Onboard, model, and configure new data sources so logs are reliably collected, searchable, and fully aligned with Splunk data standards.
* Partner with infrastructure, cloud, and security teams to enhance visibility across environments and strengthen monitoring, detection, and investigation capabilities.
* Troubleshoot platform issues, fine-tune performance, and identify opportunities for continuous optimisation and improved system resilience.
* Enhance platform configuration, data retention policies, and access controls to ensure scalability, compliance, and security best practice.
* Support SRE and SOC teams with platform insights, tailored improvements, and automation that accelerates both operational and security investigations.
* Maintain clear, up-to-date technical documentation and contribute to internal knowledge sharing and process improvement initiatives.
* Develop scripts and automation tools using Bash and/or Python to streamline administration and increase efficiency across the Splunk environment.
Requirements
* Experience supporting or working with enterprise Splunk environments (Splunk Enterprise and/or Splunk Cloud)
* Ability to write effective SPL (Search Processing Language) queries for dashboards, alerts, troubleshooting, or investigation.
* Exposure to onboarding logs from on-prem and cloud-native sources (such as syslog, AWS, Azure, Kubernetes)
* Awareness of Splunk deployment models, clustering, and performance tuning concepts
* Strong communication skills, with the ability to break down technical topics for a range of audiences
It would be great if you also had:
* Knowledge of wider observability tooling (e.g., Prometheus, Grafana, OpenTelemetry)
* Familiarity with Splunk premium apps/modules such as ITSI, SOAR, or Enterprise Security
* Experience using automation tools (Ansible, Terraform, or similar) to support deployments
* Understanding of how logs and telemetry support security operations, compliance monitoring, and incident response.
Benefits
At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. Sword offers benefits that support your role, development and ways of working, alongside a culture that encourages learning, collaboration and balance. We focus on enabling people to develop their skills, work effectively within their teams and build sustainable careers, while supporting flexible working arrangements where possible.
At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don’t tick all the boxes but feel you have some of the relevant skills and experience we’re looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.
#LI-PD1