Role: Splunk Security Architect

Location: Hybrid / London Ruskin Square

Minimum Requirement:

As a Splunk Security Architect your main responsibilities will be to:

• Produce Architecture diagrams, high level and low-level design documents.

• Configuration of Splunk with use cases in line with CSOC standards.

• Configuration of Splunk as part of onboarding CNI and all other systems.

• Configuration of all infrastructure including AWS – EC2, S3 buckets, SQS queues etc.

• Attend technical workshops, represent the project at key meetings such as the ADF, TDAs etc.

• Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc.

Essential:

• An active SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. (Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.)

• SIEM Engineering and Architecture skills, specifically in Splunk SaaS.

• Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS.

• Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels.

• Good communication, reporting, documentation and presentational skills.

• AWS Infrastructure skills for the configuration of EC2 servers, S3 buckets etc.

Desirable:

• Public Sector experience.

• Experience with wider SIEM Solutions.

• Experience with multiple Cyber Security related technologies.