SIEM Support Splunk Consultant

Splunk SIEM Support Consultant (SC Cleared)

Location - Redhill, Surrey
SC CLEARANCE REQUIRED
Contract - 3 months (Immediate Start)
Hybrid Working - 2/3 days per week

We are currently supporting a leading technology organisation delivering secure systems across critical infrastructure and government environments. They are looking for an experienced Splunk SIEM Support Consultant to assist with operational support and onboarding assets into an existing Splunk Cloud environment.

Responsibilities

• Onboard infrastructure and application log sources into Splunk Cloud
• Configure and manage Splunk forwarders and data inputs
• Integrate logs from Linux/Unix and Windows systems
• Validate log ingestion, indexing and field extraction
• Troubleshoot ingestion and parsing issues
• Maintain documentation for onboarded assets and data sources

Experience Required

• Strong hands-on experience with Splunk (Enterprise or Splunk Cloud)
• Experience onboarding log sources and configuring Splunk forwarders
• Experience working within SIEM or security monitoring environments
• Good knowledge of Linux/Unix and Windows Servers
• Ability to work independently in an operational support role