Splunk Engineer (Contract->Perm)

Client: Investment Bank

Location: London, hybrid 4 days reducing to 3 days at permanent conversion.

Job Title: Splunk Engineer

Role specifics: Initial 6-month contract, then converting to permanent staff.

Rate: TBC

Conversion Salary: Up to £85k + Bonus

You will be responsible for:

  • Working with stakeholders to understand monitoring, alerting, and reporting requirements.
  • Designing Splunk use cases from log sources and event data.
  • Onboarding new log sources into Splunk.
  • Configuring indexes, sourcetypes, field extractions, parsing, and data inputs.
  • Building searches, dashboards, alerts, and reports in Splunk.
  • Monitoring event types and identifying patterns, anomalies, or operational risks.
  • Creating correlation rules and alerts based on specific log activity.
  • Supporting log ingestion from applications, infrastructure, security tools, and network devices.
  • Ensuring logs are correctly structured, indexed, and searchable.
  • Documenting use cases, data flows, alert logic, and operational procedures.
  • Working with security, infrastructure, and application teams to improve observability and detection capability.

Required Skills & Experience

The successful candidate should have:

  • Strong hands-on experience with Splunk Enterprise or Splunk Cloud.
  • Experience building Splunk use cases from raw log data.
  • Good understanding of log indexing, sourcetypes, event types, and field extraction.
  • Ability to onboard and troubleshoot log sources.
  • Experience creating dashboards, alerts, reports, and correlation searches.
  • Understanding of monitoring, alerting, and event management.
  • Ability to analyse logs and identify meaningful events or patterns.
  • Experience working with technical teams to gather requirements and translate them into Splunk searches or dashboards.
  • Strong documentation and communication skills.
  • Splunk Enterprise Security.
  • Security monitoring or SIEM use cases.
  • Windows, Linux, network, firewall, application, or cloud logs.
  • Syslog, APIs, forwarders, and data ingestion pipelines.
  • Regex and field extraction.
  • Incident response or SOC environments.
  • Data models, CIM compliance, and accelerated searches.
  • ITSI or observability tooling.

Job Details

Company: Bonhill Partners

Location: London Area, United Kingdom

Hybrid / Remote Options