SIEM Developer / SPLUNK / Content Development / Remote based
Access IT & Digital Talent are partnering with a security services business who are seeking an experienced SIEM Developer with a SPLUNK focus to join the organisation.
I’m seeking a Senior Splunk Expert who can suggest, drive, and implement improvements to the content development and deployment process, whilst mentoring and training other team members in Splunk.
You will be developing and maintaining content for a range of technologies and devices including but not limited to custom-built applications. You will be required to think outside the box to design and implement content to minimise any performance or service impact to customers. You will be required to create both behavioural and IOC-based content in line with the MITRE ATT&CK model and customer requests.
The role requires a diverse range of skills to allow the successful candidate to develop and maintain custom content for the detection of emerging threats in an ever-changing threat landscape. The role will be working directly with a multitude of security and operational teams throughout the business.
The appointee will report into the Head of Detection and work alongside other Content Developers in different locations. The position can be fully remote-based.
Splunk Content Development expertise, security use case design and implementation
Experience developing and tuning Splunk alerts.
Develop reliable, efficient queries that will feed reports and dashboards
Maintain current functional and technical knowledge of the Splunk platform and future releases.
Knowledge and understanding of regex
Familiarity with the MITRE ATT&CK model and its tactics and techniques.
With an increasing client portfolio and expansion of the service catalogue, this is an exciting time to join the business and the role offers good growth potential.
For a confidential discussion and further details on the role, please apply via the details provided.