Splunk Engineer - Data Analytics, Automation, SIEM, SPL, Python, RHEL

Recruiter
Adarma Limited
Location
Midlothian
Salary
Competitive
Posted
04 May 2021
Closes
06 May 2021
Sectors
Engineering
Contract Type
Contract
Hours
Full Time

ADARMA are seeking a Splunk Engineer to join on a contract basis and work on a cutting-edge data analytics and automation project. The successful candidate will be responsible for maintaining a variety of on-prem and cloud toolsets, managing the daily work queue of Jira tickets and supporting the continuous exploitation and development of the analytics tool and processes.

The role will be delivering to one of our banking partners and will initially be fully remote with longer term attendance on site in Edinburgh.

Responsibilities include (but are not limited to):

  • Back End configuration updates on RHEL (Red Hat Enterprise Linux).
  • Scripting to remediate ingestion issues or potential errors with toolset stability.
  • Debugging Splunk Processing Language (SPL) to fix live ticketing use cases.
  • Debugging pre-existing Python scripts that have already been deployed in the environment.
  • Identifying JSON and XML form errors interfering with ingestion configurations.
  • Assisting in RTL (root-to-live) promotion support tickets, working with Github Enterprise (GHE) and its application to support RTL flow.
  • Scheduled log analysis and log ingestion monitoring for root-cause analysis.

Requirements

  • Proficiency in Splunk (ES and/or ITSI) in an enterprise setting, preferably with associated Splunk certifications.
  • Knowledge of the Python scripting language to assist in debugging remediation efforts or ad-hoc automated scripting projects.
  • An understanding of SIEM toolset operations, how these communicate with relevant endpoints and possible roadblocks due to incompatibilities.
  • Knowledge of Splunk Processing Language (SPL) and how it uses architectural objects to process live log source data.
  • Experience or understanding of large scale on-prem Splunk and Splunk cloud deployments.
  • Experience with Splunk Enterprise and deploying its architectural components for usable data ingestion.
  • Experience dealing with live threat intelligence detection and response data.
  • Experience with Github Enterprise (GHE).
  • Strong experience with RHEL or another Linux distribution.
  • Strong collaborator; it is essential to be receptive and to share ideas within this team.

Please note that due to the change to off payroll working/IR35 legislation, the successful applicant would be expected to engage via an FCSA accredited umbrella company for the duration of this contract.

We are Adarma, one of the largest independent security services companies in the UK. As a business formed and run by veteran senior security leaders, we know security and how to deliver real value in the real world. This is why our clients are successful FTSE 350 organisations from all industry sectors.

See us as your true partner in security. We have the experience, proven track record and industry recognition to provide best-of-breed services for all our clients. Our team are specialists in Threat Management, including SOC design, build and operation, and we always tailor our cybersecurity services to your needs.