Splunk Core Consultant & Enterprise Security
* Start: ASAP
* Length: Initial 3 months, potential extension
* Status: Outside IR35
* Rate: £500 - £600
* Location: Remote, ad-hoc meetings in Gosport
* Clearance: Must have an Active SC Clearance
Responsibilities:
* Support the completion of a health check of the Splunk environment to ensure the foundations are stable and to ensure the architecture is properly designed to account for future growth.
* Implement recommendations as agreed with the customer based on their priorities and dependencies.
* Support SOC analysts with tuning and suppressing alerts to reach a manageable state.
* Support SOC analysts with refinement and mapping of ~200 use cases.
Expected Skills & Experience
* Certified and experienced Splunk Core Consultant
* Certified and experienced Splunk Enterprise Security Admin
* Experience working in SOCs in the Defence sector
...