
Date Added: Wed 04/05/2022

Security Operations Specialist Splunk

Slough, UK


Job Type: Permanent, Full-Time

Salary: £552 - £595/day

Security Operations Specialist (Splunk).

We need a contract Security Operations Specialist to be responsible for the day-to-day operation and maintenance of the EMEA region Splunk instance, providing support, performance, and functional improvements to transition the EMEA instance from its immediate post-implementation status to a mature platform as part of the overall global solution.

Company Overview: The client is a global conglomerate, with c. 350,000 employees worldwide. They have just completed the deployment of Splunk Enterprise Security Cloud as the latest iteration of their global monitoring solution, and the three regional teams involved are currently working on post-implementation refinements and updating the global monitoring and incident response processes.

Title: Security Operations Specialist (Splunk).
Duration: 6-12 months +.
Start Date: 01 June 2022.
Rate: £550 - £600 per day.
Location: Hybrid working from home with on average 1 day a week in Slough.

Role Overview
As the Security Operations Specialist, you will work with the EMEA ISE to establish the daily operating processes, develop threat detection methods and processes, and design and implement intra- and inter-regional incident management. You will act as the point of contact for Splunk and security-related operational issues and vulnerability control, as well as acting as the Splunk subject matter expert, and will work closely with the IT team and other teams as required.
You will perform both intra- and inter-regional monitoring, advising on items of interest in other regions and providing recommendations for remediations and proactive actions. You will also be involved in incident response actions as part of the global incident response team, and you will eventually lead the EMEA in-region Splunk incident response function.

Main Tasks and Responsibilities
Day-to-day operation, administration, and management of the EMEA Splunk Cloud SIEM solution.
Leading the incident response (IR) function within the EMEA region following established IR procedures.
Working with the ISE, identify and escalate serious incidents within the region to other regional teams as part of the IR.
Monitoring the other Splunk operating regions for significant situations, escalating to the ISE as required.
Operational development of the Splunk platform with the Far East and American cyber security teams.
Continuous refinement of the established threat detection methods to identify and eliminate normal behaviour.
Working with the EMEA ISE to review and improve the platform's capability.
Development of the threat detection functionality to maximise the automation and response capabilities of the system.
Supporting internal customers and other shared service users with analysis and reporting as required.

Skills and Experience
You must have at least 3 years of experience working with Splunk as part of an IT team or SOC, working as part of an infrastructure team in either networking or server operations. Red Hat Enterprise Linux administration skills and experience are desirable.

You will need to be a flexible, hands-on self-starter, able to adhere to standards with customer focus in mind. You will have an ownership mindset and embrace teamwork and collaboration. You will be able to work well in dynamic environments, be self-motivated and able to act on your own initiative, with experience working with partner organisations and offshore teams, and with strong listening, verbal, and interpersonal skills.

Qualifications
Ideally Splunk Cloud Certified Administrator and/or Splunk Enterprise Certified Administrator; these are a plus.

Please call Laura on (phone number removed) or email your CV to to progress matters.

Services advertised are those of an Employment Business