Splunk Engineer - DV Cleared

SIEM ENGINEER - DV CLEARED

The team are tasked to develop solutions that can transport, normalise and ingest raw data into our Protective Monitoring (PM) systems. You will turn requirements into reality through planning, designing, coding, testing and releasing new event feeds into the PM domain. Your work will directly benefit the ability to protect sensitive data stores.

The team are responsible for PM of the organisation's IT systems. PM is crucial in detecting and investigating misuse of systems, in order to mitigate a range of threats to individuals, information assets and the organisations reputation.

The team handle both structured and unstructured data and are looking for someone who can analyse large volumes of data to provide insight, someone who has domain experience and expertise in data mining/information retrieval.

You will gain experience in Cyber Security and Information Management, which could provide an excellent platform towards recognised cyber security qualifications.

Working closely with stakeholders across the organisation to develop creative solutions to maximise the effectiveness of IT audit data.

DUTIES AND RESPONSIBILITIES:

- Liaising with customers to ascertain requirements
- Identifying optimal solutions to deliver requirements
- Developing solutions with available technologies
- Testing your solutions
- Documentation and handover

POSITION REQUIREMENTS:

- Splunk administration and architecture experience is an absolute MUST
- Experience designing dashboards and monitoring metrics
- Unix/Linux administration
- Integration of both supported and unsupported log feeds
- Assist with development of use cases to align with customer requirements
- Deployment, testing and verification of Splunk Content.
- Splunk certifications are desired
- Hands on development experience, with some of IT systems and processes
- Good understanding of Boolean Logic, XML, SQL, REGEX/pattern matching
- Broad knowledge of operating systems, databases
- Change Management/ITIL (Desirable)
- Basic knowledge and appreciation of information/cyber security
- Experience with projects as stakeholder or project team member/PRINCE Certification
- In depth knowledge and experience across Splunk products
- Broad knowledge of enterprise IT platforms and applications
- Strong understanding of information security concepts
- Solid understanding of use case development
- Excellent written and verbal communication skills
- Experience with project and stakeholder management

COMPETENCIES:

- Good analytical skills
- Ability to produce concise articulate written assessments using evidence
- Good organisational and time management skills
- Ability to prioritise own workload with minimal supervision
- Sound interpersonal and communication skills
- Confidence to communicate with a range of people
- Working with others and work well within a small team and co-operatively work towards team goals
- Monitor progress against controls and milestones, and let people know when success or value is in question
- Provide comprehensive information to customers and leaders, inspiring confidence
- Ask appropriate questions to understand partner and customer requirements and concerns