Time left to apply End Date: April 4, 2025 (10 days left to apply)
job requisition id R20057955
Job Description Summary
Job Description
Splunk Administrator
Permanent
Location: Edinburgh, Witham, Peterborough. (For roles with Aegon Global Technology Services, office attendance will generally be required periodically, and more details will be discussed during your interview process with our hiring managers).
Salary: A competitive salary from £50,880 - £63,600, depending on the experience you can bring.
Who we are:
Global Technology Services (GTS) is Aegon's global IT partner that provides infrastructure services, information security and global/corporate application support for Aegon's businesses around the world. Our support consists of a wide range of centralised global IT services such as programming, database management, project management, agile/dev/ops, and more.
We continue to maximise the value from having a clear digital and data technology platform strategy that extends our ecosystem, enhancing customer experience, and improving operational efficiency. All these teams work closely together to provide innovative and digital solutions as well as critical technology support.
The Job:
The Security Event Management (SEM) team is responsible for gathering and providing Security Intelligence into the SIEM platform. Security events, infrastructure devices, and application events are correlated and presented to the Global Security Operations Centres (SOC) for evaluation. We are seeking a seasoned Splunk Administrator with extensive experience in Splunk Core technologies and a proven track record in complex IT environments. The ideal candidate will have expertise in managing Splunk infrastructure, deployment, and data integration, with a strong focus on security and cloud services.
In this role, you will collaborate with Infrastructure and Application teams to align security and event applications with SOC use cases for investigations. You will onboard applications across all Business Units (BU) and provide guidance when issues arise with streaming events into the SIEM. Additionally, you will manage time resources and commitments to ensure onboarding activities are completed on time and within scope.
We’d love to hear from you if you have:
1. Splunk Administration: Proficient in managing and configuring Splunk infrastructure, including single-instance and distributed deployments. Strong understanding of deployment and cluster management, optimising performance and scalability. Expertise in Splunk Enterprise Security (ES) for advanced security analytics. Provide support for Splunk Indexers and Search Heads. Implement endpoint threat detection solutions. Ensure accurate source typing and data categorisation. Experience with Splunk SIEM solutions.
2. Application Onboarding: Hands-on experience with Splunk Heavy Forwarder, Syslog technology, and Splunk HTTP Event Collector (HEC). Apply RegEx and stream parsing techniques. Competent in managing Splunk Universal Forwarder. Develop complex searches and reports using SPL Query Language. Integrate Splunk with cloud services (AWS Lambda, S3, Azure Cloud).
3. Infrastructure Management: Administer Linux/Unix/Windows systems, perform vulnerability patching, and manage network routing (DNS, DHCP, RADIUS, LDAP, network bandwidth utilisation).
It’d also be great – but not essential - if you’ve got:
Splunk ES Certified Admin
Experience working within financial industry Security Operations Centre (SOC)
What’s in it for you?
A non-contributory pension between 8%-12%.
A discretionary bonus, depending on personal and company performance.
34 days leave per year (including bank holidays, pro-rated for part-time).
We also offer private medical cover, life assurance, critical illness cover, enhanced parental leave and a variety of lifestyle benefits to help our staff live their best lives, including retail discount vouchers, cycle2work scheme, subsidised restaurant and online GP appointments.
The legal bits
We’ll need you to confirm you have the right to work in the UK. If we offer you a job and you accept, there are some checks we need to complete before you can start with us. This will include a credit and criminal record check, as well as providing satisfactory references.
Cifas Short Fair Processing Notice (applies to UK based candidates only).
The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found by visiting www.cifas.org.uk/fpn .
Equal Opportunity Employer:
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their age, disability, race, religion/belief, gender, sexual orientation or gender identity.
#J-18808-Ljbffr