Splunk Engineer

• Multi-year engagement (12+12+12 month contract)

• Canberra candidates preferred, hybrid and remote working may be considered

• Candidates must be Australian citizens

• Baseline Security Clearance required

The role

Our Federal Government client is seeking a Splunk Engineer who will be responsible for maintaining the overall Splunk architecture and the effectiveness and efficiency of the SIEM. This includes proficiency in managing search heads, indexers, deployment servers and heavy forwarders. To assist the mission of the SOC, a strong understanding of Enterprise Security and SOAR is required. The Splunk Engineer will work closely with other members of the SOC and Cyber security team.

The Splunk engineer should also demonstrate advanced knowledge of Splunk Cloud and the configuration of federated search. The Splunk engineer will engage with end users, external teams and vendors to gather requirements, troubleshoot issues, and provide support for the creation of Splunk search queries and dashboards. The Splunk engineer will require good understanding of ITIL and change processes.

The Requirements

• Bachelor's degree in Cyber Security, Information Technology, or related field. Relevant certifications such as Splunk User, Core, Architect, ES and SOAR are preferred.

• 3+ years of experience in cybersecurity Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors. Experience with Splunk Enterprise Security, Splunk Cloud and Splunk SOAR

• Experience with case, incident and ticket management Experience with ITSM tools such as ServiceNow and Atlassian

How to apply:

Please hit the apply button or for more information contact Simmi Vakharia at Randstad Digital on 0425 763 ***.