SonicJobs Logo
Login
Left arrow iconBack to search
  1. Home
  2. London
  3. Ict security engineer
  4. Splunk Engineer / Security Architect

Splunk Engineer / Security Architect

Matchtech
Posted 13 hours ago, valid for 12 days
Location

London, Greater London EC1R 0WX

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

info
  • We are looking for a Splunk Engineer / Security Architect for a 9-month contract role that allows for hybrid remote work, requiring up to 2 days per week on-site.
  • The position demands strong experience in Splunk SaaS and a deep understanding of SIEM Engineering and Architecture, particularly in CSOC environments.
  • Candidates should have a proven track record of leading end-to-end SIEM improvement initiatives and the ability to implement change in complex cyber environments.
  • The role offers a salary of £600 per day and requires active SC clearance along with relevant qualifications such as Splunk Cloud Administrator and Splunk Enterprise Security.
  • Ideal candidates will also possess strong documentation and communication skills, with a minimum of 5 years of experience in related fields.

Splunk Engineer / Security ArchitectLocation: Hybrid - Remote with up to 2 days/week inContract Duration: 9 months (192 working days)Active SC clearance required

Role Overview

We are seeking an experienced Splunk Engineer / Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You’ll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting the maturity of security operations.

This role is aligned to a national programme improving the government’s ability to detect and respond to cyber threats across multiple portfolios. You’ll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies.

Key Responsibilities

  • Produce and maintain architecture diagrams, high- and low-level design documentation
  • Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.)
  • Drive use case development aligned with CSOC and MITRE ATT&CK framework
  • Attend and represent the project at key technical forums (ADF, TDA, workshops)
  • Deliver improvements to SIEM architecture, use cases, automation, and data enrichment
  • Improve onboarding processes for directorates and manage onboarding QA
  • Lead integration of SOAR, Attack Analyzer, and other tooling into operational use
  • Standardise collection tier components using Infrastructure as Code (IaC) where possible

Essential Skills & Experience

  • Strong experience in Splunk SaaS as a lead engineer and/or architect
  • Deep understanding of SIEM Engineering & Architecture, particularly in CSOC environments
  • Demonstrated experience leading end-to-end SIEM improvement initiatives
  • Proven ability to define and implement change within complex cyber environments
  • Excellent documentation, communication, and stakeholder engagement skills
  • Solid AWS infrastructure knowledge (EC2, S3, SQS, etc.)

Desirable Skills & Experience

  • Experience with SIEM convergence from legacy platforms
  • Familiarity with tools such as JIRA, Confluence, Git
  • Background in Ethical Hacking, IDAM, PKI, or broader information security disciplines
  • A team-oriented, adaptable mindset with a problem-solving approach

Required Qualifications

  • Splunk Cloud Administrator
  • Splunk Enterprise Security
  • Splunk SOAR Administrator
  • Splunk Certified Cybersecurity Defence Analyst
  • Cloud Security Architecture (CSA)
  • Microsoft Azure Infrastructure Solutions

Desirable Certifications

  • Certified Information Systems Security Professional (CISSP)
  • Ethical Hacking & Intrusion Prevention
  • Information Security Management Systems (ISMS)
  • Identity Access & Management (IDAM)

Apply now in a few quick clicks

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2025 SonicJobs App Ltd. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs