*Inside IR35*

We are searching for a Splunk Engineer to join a Tier one bank.

The Senior Splunk Engineer will be a member of the Global Cybersecurity Engineering team, responsible for the Splunk SIEM and SOAR platforms, along with other technology supporting Global Cybersecurity Operations. The team partners with IT Infrastructure teams in end-to-end deployment of security technologies across the firm.

The role involves the architectural design and technical support for SIEM and SOAR platform infrastructure (Splunk, Phantom and AWS). This includes system integration and interoperability, application components, systems programming, ingestion and normalisation of security log sources, patches and upgrades, capacity planning, performance management and use case development.

This role will participate in efforts to test the effectiveness of defined controls and ensure that critical processes in the firm are evaluated from a security perspective. The role requires an experienced systems engineer with strong technical leadership and collaboration skills. The ideal candidate will have significant experience in SIEM technologies, Linux system administration and cloud infrastructure (eg Splunk ES, Splunk SOAR, RHEL/AL2, AWS platform services, etc.).

Responsibilities will include (But not limited to)

• Engineering leadership and support for existing and future SIEM and SOAR technology (Splunk ES, Phantom, etc.)
• Leading the continued technical enhancement of security platforms
• Supporting the identification, development and implementation of new detections (use cases)
• Leading the continued evolution of automation and orchestration across the platform
• Training and developing other members of the Logging and Operations team as well as other members of the engineering function.
• Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly, for example remaining up to date on the latest forensic techniques and tooling for strategically important platforms.
• Taking a leading role in the engagement of Global Businesses and Functions, driving global up-lift in cybersecurity awareness.
• Collaborating with various layers of management across Cybersecurity and other IT teams to develop solutions that protect the organisation.
• Designing and driving the implementation of new service offerings, capability uplifts and process improvements to protect the bank for a continuously changing threat landscape.