Splunk Engineers looking for a fresh, new challenge? Then we have it right here!
Our new Splunk Engineer will be part of our well-established Cyber Security Operations team in the Aerospace, Defence and Security Sector, on a project that promises to be an ambitious and exciting career.
You will be maintaining the health of the Security technology stack; implementing and assisting the SOC Analysts in support of the MSSP (Managed Security Service Provider) services to the customer and supporting incidents across all customers, while supplying improvements across all phases in the Cyber Defence Feedback Loop (Situational Awareness, Detection Development, Security Monitoring, and Incident Management).
As an authority engineer with SIEM tool knowledge, you will possess strong technical analytical skills while providing accurate analysis of vendor-related and security related problems. With a well-rounded networking background, you will perform extensive solving of security and SIEM based technologies including Splunk in our rapidly paced SOC environment.
Position is Hybrid based 3 days in our Hemel Hempstead office, 2 days from home
Please note, you must be eligible for SC Clearance and prepared to go through DV and NPPV2.
What you'll be doing:
- Advise on security eco-system design decisions, Cloud, on-prem, SaaS, PaaS, IaaS environments.
- Consultation to third party cloud hosting environments, tooling, and standard methodology.
- Craft security solutions (Primary SOC/SIEM focused)
- Perform security reviews and identify security gaps in security architecture
- Implement, maintain, and supervise operational security systems. (i.e. SIEM, Threat Intelligence platforms, Malware analysis tools and etc.)
- Develop security controls
- Update rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content deny lists) for specialized cyber defence applications.
- Raise changes
- Investigate and respond to security incidents and apply rule changes to Security tools
What you'll bring:
- Splunk is essential with Splunk Cloud Certified Admin Certificate or Splunk Enterprise Certified Admin Certificate.
- Current or previous experience in a Security Engineering role
- Senior Level (Security incident response, code / malware analysis, Strong coding skills, Effective SIEM design, setup, configuration, and tuning)
- Security Solution design experience - able to demonstrate how to design a security solution, with 'security in mind' based on customer requirements as per the aforementioned SIEM tools.
- AWS and Azure skill - must hold appropriate certifications including firsthand experience using AWS and Azure.
It would be great if you had:
- **?**Azure Sentinel or IBM QRadar
If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you!
Employment Type: Permanent Location: 3 days a week in Hemel Hempstead and 2 days home based Security Clearance Level: Eligible for SC, DV and NPPV2 Internal Recruiter: Jane Salary: TTo £75K Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund
Loved reading about this job and want to know more about us?
Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.