Security Engineer (Splunk)

As a Managing Security Engineer, you will lead the design, deployment and optimisation of large-scale security monitoring platforms. You will work closely with cross functional engineering and security teams to ensure the right controls, tooling and processes are in place to protect critical systems and data.

You will take ownership of detection engineering, SIEM platform performance and the full lifecycle of security detection content, ensuring security monitoring remains effective, scalable and reliable.

Key responsibilities include:

• Acting SME on Splunk Enterprise Security platforms
• Designing and maintaining log ingestion pipelines and data enrichment processes
• Developing and tuning detection rules aligned to MITRE ATT&CK techniques
• Managing the full lifecycle of detection content from design through to optimisation
• Automating security workflows using scripting, CI/CD and infrastructure as code tools
• Ensuring SIEM platform performance, resilience and scalability

• Hands on experience with Splunk Enterprise Security
• Strong background in detection engineering and SIEM operations
• Experience designing and managing large scale data ingestion pipelines
• Advanced knowledge of SPL, KQL or EQL for detection engineering
• Experience with automation, scripting or Infrastructure as Code in SIEM environments
• Understanding of MITRE ATT&CK and threat detection techniques
• Experience with high availability, disaster recovery and SIEM performance optimisation, Elastic Security, Splunk Enterprise Security, SIEM, Detection Engineering, Elastic Stack, SPL, KQL, EQL, MITRE ATT and CK, Security Monitoring, Log Ingestion, Terraform, Ansible, SOC Engineering, NSD.

• Up to £85,000 salary depending on experience
• Full time onsite role in Watford
• DV clearance required, * Car allowance
• Private healthcare
• Life assurance
• Flexible benefits fund
• Structured professional development and training opportunities

Our client is a highly respected technology and security services provider supporting organisations operating in complex and security critical environments. Their teams design and deliver advanced digital and cyber capabilities that strengthen the resilience of mission critical systems.