Our client is looking for an experienced Splunk Engineer to manage and maintain a Splunk Cloud environment for a major enterprise client. Working closely with the client's Security Engineering Lead, you'll play a vital role in a high-performing cybersecurity team, ensuring our Splunk Enterprise Security SIEM platform operates at peak effectiveness.
This is an excellent opportunity for a skilled Splunk professional to work on complex, enterprise-scale security infrastructure while developing your expertise in a dynamic environment.
Key Responsibilities
* Configure and manage Identity and Access Management (IAM) and Role-Based Access Control (RBAC) using Single Sign-On (SSO)
* Monitor platform health and performance, implementing proactive optimisations
* Onboard new data sources, including index configuration, Technology Add-on (TA) installation, and Common Information Model (CIM) mapping
* Provide technical support for detection engineering activities
* Perform technical troubleshooting and maintenance across the Splunk environment
* Collaborate with cross-functional teams to ensure seamless integration and operation
Core Requirements
* 1-3 years' hands-on experience with Splunk Cloud or Splunk Enterprise in a large organisational environment
* Splunk Cloud Certified Admin or Splunk Enterprise Certified Admin certification
* Practical experience in onboarding data from common security platforms and major cloud vendors
* Proven capability in CIM mapping, field extraction, and data model acceleration troubleshooting
* Experience in diagnosing and resolving health, performance, and licensing issues
* Strong stakeholder management skills with experience working in complex IT environments
* Excellent communication skills with the ability to explain technical concepts to varied audiences
Preferred Requirements
* Experience administering Splunk Enterprise Security or SOAR platforms
* Knowledge of Ingest Actions and Edge Processor for log source optimisation
* Data onboarding experience with bespoke applications or SaaS platforms
* Detection engineering skills, including development of threat detection logic
* Experience with Detection-as-Code, Sigma YAML, and GitHub workflows
* Background in Security Operations Centre (SOC) or Incident Response activities