Senior SIEM Consultant (SPLUNK) – Cyber Security Services

Trilaty Group

United Kingdom

Remote

GBP 60,000 - 80,000

Full time

4 days ago

Job summary

A leading Professional & Managed Services Cyber Security organisation is seeking a Senior SPLUNK Consultant in the UK. This role involves consulting with enterprise organisations to optimize their SIEM technologies while developing effective threat monitoring use cases and documenting strategies. The ideal candidate will have strong experience with Splunk and scripting, contributing to cybersecurity efforts with innovative solutions.

Benefits

Competitive Basic Salary
Bonus
Flexible Benefits
Remote Working

Qualifications

  • Experienced Splunk Engineer / Consultant with significant knowledge of Splunk technology.
  • Consistent experience from within the cyber security industry.
  • Strong scripting experience in Python, Bash, Perl, Shell, and VBA.

Responsibilities

  • Help customers implement or improve threat modelling and new use cases for SIEM.
  • Undertake assessments and gap analysis with technical health checks.
  • Produce clear technical documentation addressing detection and response strategies.

Skills

Splunk Searches
Scripting (Python, Bash, Perl, Shell, VBA)
Threat Modelling
Technical Health Checks
Detection Strategies
Communication Skills

Job description

Role overview:

As a leading Professional & Managed Services Cyber Security organisation with significant SOC pedigree, this organisation is a genuine SOC authority. From building SOCs, delivering improvement programs, providing operational management and delivering fully or co-managed SOCs off and on-prem, they continue to offer cutting edge provision within this space.

As a Senior SPLUNK Consultant, you will guide enterprise organisations through consultative reviews, ensuring their SIEM and wider technologies are operating as effectively as possible whilst ensuring People and Process are similarly proficient.

Main tasks and responsibilities:

  • Help customers implement or improve threat modelling and provide valuable new use cases to ensure their SIEM is capable of detecting the real-world tactics used by adversaries.
  • Undertake assessments and gap analysis including technical health checks and use case coverage mapped to control frameworks and business services.
  • Implement and develop threat monitoring use cases taken from threat intelligence sources
  • Produce clear technical documentation
  • Assess existing threat monitoring rules with a focus on changing threat landscape and technologies
  • Document appropriate detection, containment and response strategies to meet business needs

Pre-requisites:

  • Experienced Splunk Engineer / Splunk Consultant with significant knowledge of Splunk technology
  • Consistent experience from within the cyber security industry
  • Ability to write Splunk Searches
  • Ability to write Splunk TAs for applications and middleware
  • Experience of Splunk Enterprise Security
  • Strong scripting experience – Python (preferred), Bash, Perl, Shell, VBA
  • Relevant knowledge of other cyber technologies such as firewalls, IDS/IPS or proxies
  • Strong communication and documentation skills
  • Developing SIEM use cases is a strong advantage

Further info:

  • Competitive Basic, Bonus and Flex bens
  • Remote working UK. Various office locations

To apply:

Please either register your CV and complete the requested information fields, or send your CV to vacancies@trilaty.co.uk, quoting reference WDA168 and your current salary.
