Splunk Engineer

1 month ago


Mendip, United Kingdom Reed- UNLIMITED Full time

Are you an experienced Splunk Engineer with other SIEM tool knowledge to boot, looking for a new challenge?

We are recruiting for a Splunk Engineer to join our well-established Cyber Security Operations team in the Aerospace, Defence and Security Sector.

You will maintain the health of the Security technology stack, implementing and assisting the SOC Analysts in support of the MSSP (Managed Security Service Provider) services to the customer. You will also support incidents across all customers, while contributing to general improvements across all phases in the Cyber Defence Feedback Loop (Situational Awareness, Detection Development, Security Monitoring, and Incident Management).

As an expert engineer, you will possess strong technical analytical skills while providing accurate analysis of vendor-related and security-related problems. You should have a well-rounded networking background, as you will perform extensive troubleshooting of security and SIEM-based technologies, including Splunk, in our fast-paced SOC environment.

This role is Hybrid with 3 days a week in Hemel Hempstead and 2 days working from home.

Please note, you do need to be eligible for SC clearance and prepared to go through DV and NPPV2.

What you will be doing:

  • Advise on security ecosystem design decisions across cloud, on-prem, SaaS, PaaS, and IaaS environments.
  • Consult on third-party cloud hosting environments, tooling, and standard methodology.
  • Work closely with Security Architects to craft security solutions (primarily SOC/SIEM focused)
  • Perform security reviews and identify security gaps in security architecture
  • Implement, maintain, and supervise operational security systems (e.g. SIEM, threat intelligence platforms, malware analysis tools, etc.)
  • Research, analysis, and correlation across a wide variety of all source data sets
  • Develop security controls
  • Collect and record data
  • Report and maintain a track of log source issues within the respective SIEMs.
  • Coordinate with SOC Analysts and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content deny lists) for specialized cyber defence applications.
  • Perform system administration on specialized cyber defence applications and systems, to include installation, configuration, maintenance, backup, and restoration.
  • Identify, prioritise, and coordinate the protection of critical cyber defence infrastructure and key resources.
  • Raise changes
  • Investigate and respond to security incidents and apply rule changes to Security tools

What you’ll bring

  • Splunk is essential with Splunk Cloud Certified Admin Certificate or Splunk Enterprise Certified Admin Certificate.
  • Current or previous experience in a Security Engineering role
  • Senior Level (Security incident response, code / malware analysis, Strong coding skills, Effective SIEM design, setup, configuration, and tuning)
  • Security Solution design experience - able to demonstrate how to design a security solution, with 'security in mind' based on customer requirements as per the aforementioned SIEM tools.
  • AWS and Azure skills - must hold appropriate certifications, including firsthand experience using AWS and Azure.

It would be great if you had:

  • Azure Sentinel or IBM QRadar

If you are interested in this role but not sure if your skills and experience are exactly what we’re looking for, please do apply; we’d love to hear from you.

Employment Type: Permanent
Location: Hybrid with 3 days a week in Hemel Hempstead and 2 days working from home.
Security Clearance Level: Preferably hold current SC Clearance although we will consider candidates eligible for SC Clearance. Must be eligible for DV and NPPV2 clearance
Internal Recruiter: Jane
Salary: £to £65K
Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund and

Loved reading about this job and want to know more about us?

Sopra Steria’s Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client’s goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK’s most complex safety- and security-critical markets.