19 of 19 Search Processing Language Jobs

enable rapid containment. Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. Training: Enhance the CrowdStrike, Splunk, and security analysis skills of the existing team, providing opportunities for professional development … Solid hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a significant advantage. Splunk Proficiency: Skilled in writing complex Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES). Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/ ...

experience with Falcon Prevent, Insight, and Discover. Certifications such as CCFA or CCFR are a big plus! Splunk Proficiency: Ability to write complex Search Processing Language (SPL) queries and manage Splunk Enterprise Security. Technical Breadth: Strong knowledge of network protocols, cloud security (AWS/Azure ...

with deep hands-on experience with Falcon Prevent, Insight, and Discover. You will also be a Splunk Power user with proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). You must have a strong understanding of network protocols, cloud security ...

with deep hands-on experience with Falcon Prevent, Insight, and Discover. You will also be a Splunk Power user with proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES). You must have a strong understanding of network protocols, cloud security ...

false positives • Supporting SOC analysts and wider engineering teams with technical expertise • Driving detection maturity and technical standards What we’re looking for: ✔ Strong Splunk (SPL) and/or Microsoft Sentinel (KQL) experience ✔ Detection engineering experience within enterprise or MSSP environments ✔ Solid understanding of attacker TTPs and threat detection methodologies ...

Sentinel, Splunk, Elastic) * Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL * Understanding of event correlation, alerting, and detection use-case development ________________________________________ Technical Foundations * Strong knowledge of: o Linux and Windows operating systems o Core networking ...

maximum) to provide expert-level support for Splunk, our Security Information and Event Management (SIEM) system. Background: • Maintain Splunk environment health, including performance and search capability optimization. • Support Cyber Analysts in developing and refining detection searches to improve visibility and security monitoring. • Assist with onboarding and configuring new data ...

Technical Work Assist in the configuration and deployment of Splunk, Cribl, and observability tooling under the guidance of senior engineers. Support the ingestion and processing of data Learn to apply parsing logic, data normalisation, and enrichment techniques for structured and unstructured log data. Help monitor and troubleshoot data pipelines ...

Highly Available Splunk Enterprise Deployments Cluster Manager/License Master/Deployer/Deployment Server/Monitoring Console/Multi-Site Indexer Cluster/Search Head Cluster Forwarder Deployment - Deploy/Configure Universal Forwarders/Heavy Forwarders Build Deployment Apps/Server Classes/Automated Rollout Scripts Data Onboarding … Usage/Resource Utilization (CPU/Memory/I/O) Reducing MTTR via Proactive Tuning of Correlation Searches/Thresholds/Suppression Rules Splunk SPL (advanced) - Write/Optimize/Debug Complex SPL Queries (Statistical Commands/Lookups/Macros/Eventtypes/Tags/Data Models/Subsearches ...

We are looking for an experienced Splunk Engineer to lead the design, deployment and optimisation of enterprise-scale security monitoring platforms. This is a hands-on technical role, suited to someone with strong Splunk Enterprise ...

team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators … TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment ...

team, or cyber defence environments, with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators … TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis, and impact assessment ...

SOC Engineer (Splunk) Location: London (Full time - 5 days onsite) Salary: £65,000 + bonus Clearance: Must be eligible for UK Developed Vetting (DV) clearance We are seeking an experienced Security Content Engineer to join ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider ...

Managing Security Engineer - Watford, UK Up to £85,000 Depending on Experience Fully on-site in position DV clearance required ABOUT THE CLIENT Our client operates within a highly secure, technology-driven environment, delivering critical ...

SIEM Engineer – Watford, UK Up to £85,000 salary depending on experience Full time onsite role in Watford DV clearance required ABOUT THE CLIENT Our client is a highly respected technology and security services provider ...

consistency), including automated checks and exception reporting. Partner with engineers to standardise event/log formats and field extractions (CIM alignment where applicable), improving search performance, automation observability, and report reliability. Produce recurring reporting packs and self-service dashboards for stakeholders (platform, security, risk, audit), including narrative insights, trends …/operations concepts (e.g., servers, patching, configuration drift, incidents) and how metrics support reliability and compliance. Proficiency with Excel and at least one analysis language or tool (e.g., Python, SQL) for data preparation and validation. Familiarity with Git-based workflows and basic CI/CD concepts to manage ...

Senior Cyber Security Engineer (Contract) Location: East London (Local Council) Rate: 500 per day (Umbrella) Duration: 6 months Working Pattern: Hybrid - 1-3 days per week onsite (depending on project needs) The Opportunity We are ...

Senior Cyber Security Engineer (Contract) Location: East London (Local Council) Rate: £500 per day (Umbrella) Duration: 6 months Working Pattern: Hybrid - 1-3 days per week onsite (depending on project needs) The Opportunity We are ...