At a Glance
- Tasks: Enhance Splunk SaaS performance in a Cyber Security Operations Centre.
- Company: Join a forward-thinking company focused on cyber security innovation.
- Benefits: Enjoy flexible working options and a commitment to diversity and inclusion.
- Why this job: Be part of a team that drives impactful technology changes in cyber security.
- Qualifications: Deep Splunk SaaS expertise and strong SIEM engineering skills required.
- Other info: Candidates with active SC clearance will be fast-tracked for interviews.
The predicted salary is between £43,200 and £72,000 per year.
This role is focused on enhancing the performance and maturity of the SIEM platform, particularly Splunk SaaS, within a Cyber Security Operations Centre. The role involves engineering and architectural improvements to simplify complexity, improve automation, and standardise components across environments. Key priorities include advancing data models, aligning use cases with the MITRE ATT&CK framework, and implementing a unified Risk-Based Alerting approach.
Success in this role requires strong SIEM architecture and engineering skills, a proven track record in delivering technology change, and effective communication capabilities. Essential qualifications include deep Splunk SaaS expertise, experience leading SIEM improvements that raise maturity levels, and a full understanding of SIEM convergence and implementation life cycles.
Key accountabilities:
- Produce architecture diagrams, high-level and low-level design documents.
- Configuration of Splunk with use cases in line with CSOC standards.
- Configuration of Splunk as part of onboarding CNI and all other systems.
- Configuration of all infrastructure including AWS - EC2, S3 buckets, SQS queues etc.
- Attend technical workshops, represent the project at key meetings such as the ADF, TDAs etc.
- Represent the project across all technical discussions relating to Splunk, Onboarding, SOAR, Attack Analyzer etc.
- SIEM Engineering and Architecture skills, specifically in Splunk SaaS.
- Full end-to-end delivery life cycle experience for improvements to Splunk SaaS.
- Experience of defining improvements within Cyber departments, particularly SIEM improvements within Cyber Security Operations Centre (CSOC) functions that result in an increase in SIEM Maturity Levels.
- Good communication, reporting, documentation and presentational skills.
- AWS Infrastructure skills for the configuration of EC2 Servers, S3 buckets etc.
- Public Sector experience.
- Experience with wider SIEM Solutions.
- Experience with multiple Cyber Security related technologies.
- SC highly desirable; candidates with active SC clearance will be fast-tracked.
Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let us know. If you consider yourself to have a disability or if you are a veteran, and you meet the essential criteria for the role, you will be put forward for the Guaranteed Interview scheme whereby you will have the opportunity to discuss this role and your suitability with a member of the Sourcing team. As an Equal Opportunities Employer, we provide the best talent and encourage all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Splunk Security Architect employer: Triumph Consultants Ltd
Contact Detail:
Triumph Consultants Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Splunk Security Architect
✨Tip Number 1
Familiarise yourself with the latest updates and features of Splunk SaaS. Being well-versed in the platform will not only boost your confidence but also allow you to engage in meaningful discussions during interviews.
✨Tip Number 2
Network with professionals in the Cyber Security field, especially those who have experience with SIEM solutions. Attend relevant meetups or webinars to gain insights and potentially get referrals that could help you land the job.
✨Tip Number 3
Prepare to discuss specific examples of how you've improved SIEM maturity levels in previous roles. Highlighting your hands-on experience with architecture diagrams and configuration will demonstrate your capability to handle the responsibilities of this position.
✨Tip Number 4
Brush up on your AWS skills, particularly around EC2 and S3 configurations. Being able to speak knowledgeably about these technologies will show that you're ready to tackle the infrastructure aspects of the role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Splunk SaaS and SIEM architecture. Use specific examples of past projects where you improved SIEM maturity levels or implemented automation.
Craft a Strong Cover Letter: In your cover letter, emphasise your communication skills and your ability to lead technology changes. Mention your familiarity with the MITRE ATT&CK framework and how you've applied it in previous roles.
Showcase Relevant Skills: Clearly outline your AWS infrastructure skills and any experience with Cyber Security technologies. This will demonstrate your capability to handle the technical aspects of the role effectively.
Prepare for Technical Questions: Anticipate questions related to SIEM improvements and architectural design. Be ready to discuss your approach to simplifying complexity and standardising components across environments.
How to prepare for a job interview at Triumph Consultants Ltd
✨Showcase Your Splunk Expertise
Make sure to highlight your deep knowledge of Splunk SaaS during the interview. Be prepared to discuss specific projects where you've enhanced SIEM performance and maturity, as well as any architectural improvements you've implemented.
✨Align with MITRE ATT&CK Framework
Familiarise yourself with the MITRE ATT&CK framework and be ready to explain how you've aligned use cases with it in previous roles. This shows your understanding of industry standards and your ability to apply them effectively.
✨Demonstrate Communication Skills
Since effective communication is key for this role, practice articulating your thoughts clearly. Prepare to discuss how you've communicated technical concepts to non-technical stakeholders or led workshops in the past.
✨Prepare for Technical Discussions
Anticipate questions related to AWS infrastructure and other cyber security technologies. Brush up on your knowledge of EC2, S3, and SQS, and be ready to discuss how you've configured these in relation to Splunk.