Splunk Engineer - Data Analytics, Automation, SIEM

  • Adarma
  • Full time
  • United Kingdom
  • 22/04/2021

Splunk Engineer - Data Analytics, Automation, SIEM, SPL, Python, RHEL

ADARMA are seeking a Splunk Engineer to join on a contract basis and work on a cutting-edge data analytics and automation project. The successful candidate will be responsible for maintaining a variety of on-prem and cloud toolsets, managing the daily work queue of Jira tickets, and supporting the continuous exploitation and development of the analytics tool and processes.

The role will be delivering to one of our major banking partners and will initially be fully remote with longer term attendance on site in either London or Edinburgh.

Responsibilities include (but are not limited to):

  • Back-end configuration updates on RHEL (Red Hat Enterprise Linux)
  • Scripting to remediate ingestion issues or potential errors with toolset stability
  • Debugging Splunk Processing Language (SPL) to fix live ticketing use cases
  • Debugging pre-existing Python scripts that have already been deployed in the environment.
  • Identifying JSON and XML formatting errors interfering with ingestion configurations.
  • Assisting in RTL (root-to-live) promotion support tickets, working with Github Enterprise (GHE) and its application to support RTL flow.
  • Scheduled log analysis and log ingestion monitoring for root-cause analysis

Please note that due to the change to off payroll working / IR35 legislation, the successful applicant would be expected to engage via an FCSA accredited umbrella company for the duration of this contract.

Requirements

  • Proficiency in Splunk (ES and/or ITSI) in an enterprise setting, preferably with associated Splunk certifications.
  • Knowledge of Python scripting language to assist in debugging remediation efforts or ad-hoc automated scripting projects.
  • An understanding of SIEM toolset operations, how these communicate with relevant endpoints and possible roadblocks due to incompatibilities.
  • Knowledge of Splunk Processing Language (SPL) and how this language uses architectural objects to process live log source data.
  • Experience or understanding of large scale on-prem Splunk and Splunk cloud deployments.
  • Experience with Splunk Enterprise and deploying its architectural components for usable data ingestion.
  • Experience dealing with live threat intelligence detection and response data.
  • Experience with Github Enterprise (GHE).
  • Strong experience with RHEL or another Linux Distro.
  • Strong collaborator; it is essential to be receptive to, and to share, ideas within this team.

Benefits

We are Adarma, one of the largest independent security services companies in the UK. As a business formed and run by veteran senior security leaders, we know security and how to deliver real value in the real world. This is why our clients are successful FTSE 350 organisations from all industry sectors.

See us as your true partner in security. We have the experience, proven track record and industry recognition, to provide best-of-breed services for all our clients. Our team are specialists in Threat Management including SOC design, build & operation. And we always tailor our cybersecurity services to your needs.
