Splunk Sme

**Splunk SME - Inside IR35 - 6 Months**
**Fully Remote**
**£600 - £700 depending on experience
6 Month Contract, likely to be extended to 12 Months
Inside IR35**One of our clients in the Insurance industry is looking for a Splunk SME to join the team as they embark on a full data centre migration.
You'll be using the AWS Splunk platform which provides a logging and monitoring service mandated by a major banking client of theirs and forms a critical part of their license to operate in the Cloud. The platform is a SIEM (Security Information and Event Management)that collects, correlates and enriches log data from their AWS estate. The output is then fed into Cyber Operations teams for triage.
All monitoring hosted in AWS and their cloud platform is fully automated, all infrastructure as code, changes made in terraform. The business is moving away from puppet and all ansible code, going into GIT checking configuration files and via Jenkins pipeline.
Experience
- Splunk infra Data onboardings (Server/syslogs/Rest)
- Splunk front end & backend knowledge (modifying the Splunk configurations from CLI)
- Splunk administration (Cluster master, monitoring console, SH Captain)
- Experience on Amazon Kinesis, SQS, S#, EC2 security Groups, VPC
- Working with Regex field extractions
- Good knowledge on version control software's (Bitbucket, Git)
- Good to have AWS console & infra knowledge
- Working with JIRA/ServiceNow ticketing tools