2 of 2 Remote/Hybrid Splunk Jobs in Central London

platform efficiency and reduce licensing costs. Develop and maintain data parsing, normalisation, and enrichment processes. Support integration with security and monitoring platforms such as Splunk, Microsoft Sentinel, Elastic, and Datadog. Troubleshoot data ingestion, routing, and pipeline performance issues. Work with Security Operations teams to ensure required log sources are onboarded … Lake (desirable) Experience building and managing large-scale data pipelines. Strong understanding of data routing, filtering, enrichment, and transformation. Security & Observability Experience working with: Splunk Microsoft Sentinel Elastic Stack Datadog Security Information and Event Management (SIEM) platforms Understanding of SOC operations and security monitoring requirements. Experience onboarding security log sources. ...

likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible for un-caveated UK SC Clearance. … Responsibilities Develop, maintain, and optimise detection content (primarily within Splunk SIEM) to identify threats across cloud, endpoint, and network environments. Collaborate across security functions to identify gaps in logging, alerting, and detection coverage aligned to business risk. Improve SecOps processes by recommending enhanced logging, identifying trends, and driving operational optimisation. ...