Observability Splunk Engineer

This role focuses on applying Splunk's observability capability to deliver meaningful operational insights and improvements for Dev/Null customers. You will work with defined use cases to build high-quality ITSI solutions that provide clear, actionable visibility for operational & leadership teams., * Provide BAU support for Splunk Enterprise environments.

• Maintain and improve ITSI services, KPIs, and service health models.
• Tune and optimise alerts to improve signal quality.
• Investigate and resolve platform issues, data gaps, and performance concerns.
• Update and maintain dashboards, glass tables, and visualisations.
• Carry out incremental improvements to existing configurations and content.
• Work with stakeholders to refine monitoring requirements and service definitions.
• Ensure platform changes are tested, documented, and implemented safely.
• Collaborate with adjacent teams (e.g. data onboarding, infrastructure) where required.

Dev/Null Security is seeking a hands-on Splunk Engineer with strong experience in Splunk's observability capabilities, particularly Splunk IT Service Intelligence (ITSI), to take defined use cases and develop them into robust, production-ready ITSI solutions., The position would suit someone who enjoys hands-on engineering, working with real data, and delivering practical outcomes that improve how services are monitored and understood. You will need the ability to interpret operational requirements and shape them into effective ITSI implementations., * Proven hands-on experience with Splunk Enterprise, including operational support and development.

• Good understanding of observability principles (logs, metrics, alerting).
• Experience improving alert quality and reducing noise in production environments.
• Ability to troubleshoot across data onboarding, data management, and monitoring or detection workflows.
• Strong working knowledge of SPL (Search Processing Language).

Preferred / Nice-to-Have Skills

• Splunk certifications:

o Splunk Enterprise Certified Admin.

o Splunk ITSI Implementation or 1+ year ITSI experience.

• Awareness of the Splunk Premium offerings such as Observability Cloud, IT Service Intelligence (ITSI), Splunk Enterprise Security (ES) and Splunk SOAR.
• Good understanding of infrastructure monitoring (e.g. servers, applications, services).
• Experience working in client-facing or consultancy environments preferable.

Whilst DevNull Security is a remote-first company, our consulting team may be required to travel to client sites up to 3 times per week, depending on project and customer needs.

We believe that a career in cybersecurity should be accessible to everyone. We actively welcome applicants from all walks of life, regardless of race, ethnicity, gender identity, age, sexual orientation, disability, neurodiversity, socioeconomic background, or any other aspect of identity.

As a growing company, we're committed to fostering an inclusive, equitable, and accessible hiring experience. We proactively offer adjustments during application and assessment - tell us what you need.

Job Types: Full-time, Permanent

Pay: £40,000.00-£50,000.00 per year

Benefits:

• Company pension
• Life insurance
• Private medical insurance
• Referral programme
• Work from home