Public Sector | 09-5-2025

Splunk Security Architect

Contract Length:9 months
Location: Hybrid / London 
IR35: Inside

Responsibilities:

• Produce Architecture diagrams, high level and low-level design documents.
• Configuration of Splunk with use cases in line with CSOC standards.
• Configuration of Splunk as part of onboarding CNI and all other systems.
• Configuration of all infrastructure including AWS – EC2, S3 buckets, SQS queues etc.
• Attend technical workshops, represent the project at key meetings such as the ADF, TDAs etc.
• Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc.

Essential:
• An active SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. (Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance.)
• SIEM Engineering and Architecture skills, specifically in Splunk SaaS.
• Full end to end experience of delivery lifecycle experience for improvements to Splunk SaaS.
• Experience of defining improvements within Cyber departments, particularly, SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels.
• Good communication, reporting, documentation and presentational skills.
• AWS Infrastructure skills for the configuration of EC2 servers, S3 buckets etc.

Desirable:
• Public Sector experience.
• Experience with wider SIEM Solutions.
• Experience with multiple Cyber Security related technologies.

Please be aware that this role can only be worked within the UK and not Overseas.

Follow us on LinkedIn for new job listings, industry insights and career advice.