Role
Role overview:
As a leading Professional & Managed Services Cyber Security organisation with significant SOC pedigree, this organisation is a genuine SOC authority. From building SOCs, delivering improvement programs, providing operational management and delivering fully or co-managed SOCs off- and on-prem, they continue to offer cutting-edge provision within this space.
As a Senior Splunk Consultant, you will guide enterprise organisations through consultative reviews, ensuring their SIEM and wider technologies are operating as effectively as possible whilst ensuring People and Process are similarly proficient.
Main tasks and responsibilities:
- Help customers implement or improve threat modelling and provide valuable new use cases to ensure their SIEM is capable of detecting the real-world tactics used by adversaries.
- Undertake assessments and gap analysis including technical health checks and use case coverage mapped to control frameworks and business services.
- Implement and develop threat monitoring use cases taken from threat intelligence sources
- Produce clear technical documentation
- Assess existing threat monitoring rules with a focus on changing threat landscape and technologies
- Document appropriate detection, containment and response strategies to meet business needs
Pre-requisites:
- Experienced Splunk Engineer / Splunk Consultant with significant knowledge of Splunk technology
- Consistent experience from within the cyber security industry
- Ability to write Splunk Searches
- Ability to write Splunk TAs for applications and middleware
- Experience of Splunk Enterprise Security
- Strong scripting experience – Python (preferred), Bash, Perl, Shell, VBA
- Relevant knowledge of other cyber technologies such as firewalls, IDS/IPS or proxies
- Strong communication and documentation skills
- Developing SIEM use cases is a strong advantage
Further info:
- Competitive Basic, Bonus and Flex bens
- Remote working UK. Various office locations
To apply:
Please either register your CV and complete the information fields requested or send your CV to referencing WDA168 and your current salary