Key Responsibilities
We are seeking a dedicated Splunk Enterprise Security (ES) Engineer to work closely with the Security Operations Centre (SOC) team. This role is responsible for the design, implementation, optimisation, and day-to-day operation of Splunk ES to support threat detection, investigation, and incident response. The Splunk ES Engineer will act as the technical owner of Splunk ES, ensuring high-quality data onboarding, effective detection content, performant searches, and continuous tuning based on SOC feedback and the evolving threat landscape.
1. Splunk Enterprise Security Platform Ownership
Own and manage the Splunk Enterprise Security platform, ensuring availability, performance, and scalability
Configure and maintain ES components including
Correlation searches
Risk-Based Alerting (RBA)
Notable events
Adaptive Response Actions
Dashboards and KPIs
Perform regular health checks and optimisation of Splunk ES and core Splunk infras...