Job
Security Engineer (Splunk)
Security Engineer (Splunk)
Employment Type: Permanent
Location: 3 days a week in Hemel Hempstead and 2 days home based
Security Clearance Level: Eligible for SC, DV and NPPV2
Salary: £70,000 - £75,000 per annum + £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund
Our new Splunk Engineer will be part of our well-established Cyber Security Operations team in the Aerospace, Defence and Security Sector, on a project that promises to be an ambitious and exciting career.
You will be maintaining the health of the Security technology stack; implementing and assisting the SOC Analysts in support of the MSSP (Managed Security Service Provider) services to the customer and supporting incidents across all customers, while supplying improvements across all phases in the Cyber Defence Feedback Loop (Situational Awareness, Detection Development, Security Monitoring, and Incident Management).
As an authority engineer with SIEM tool knowledge, you will possess strong technical analytical skills while providing accurate analysis of vendor-related and security related problems. With a well-rounded networking background, you will perform extensive solving of security and SIEM based technologies including Splunk in our rapidly paced SOC environment.
What you'll be doing:
- Advise on security eco-system design decisions, Cloud, on-prem, SaaS, PaaS, IaaS environments.
- Consultation to third party cloud hosting environments, tooling, and standard methodology.
- Craft security solutions (Primary SOC/SIEM focused)
- Perform security reviews and identify security gaps in security architecture
- Implement, maintain, and supervise operational security systems. (i.e. SIEM, Threat Intelligence platforms, Malware analysis tools and etc.)
- Develop security controls
- Update rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content deny lists) for specialized cyber defence applications.
- Raise changes
- Investigate and respond to security incidents and apply rule changes to Security tools
What you'll bring:
- Splunk is essential with Splunk Cloud Certified Admin Certificate or Splunk Enterprise Certified Admin Certificate.
- Current or previous experience in a Security Engineering role
- Senior Level (Security incident response, code / malware analysis, Strong coding skills, Effective SIEM design, setup, configuration, and tuning)
- Security Solution design experience - able to demonstrate how to design a security solution, with 'security in mind' based on customer requirements as per the aforementioned SIEM tools.
- AWS and Azure skill - must hold appropriate certifications including firsthand experience using AWS and Azure.
It would be great if you had:
- Azure Sentinel or IBM QRadar