Permanent Full-Time Onsite Work - Deakin ACT, Canberra
Government Security Clearance is required

A leading enterprise software company is seeking an experienced Splunk Engineer to manage and support their Splunk infrastructure, ensuring the SIEM platform runs efficiently and effectively. This role supports security operations by maintaining Splunk ES and SOAR, and by contributing to threat detection, automation, and data quality across the environment.

You will work closely with security and infrastructure teams to onboard new data sources, manage logging infrastructure, and drive continuous improvements across the SIEM environment. Proven experience with Splunk Cloud, federated search configuration, and advanced query development is essential.

Key Responsibilities:
- Manage and maintain the Splunk environment, including search heads, indexers, deployment servers, heavy forwarders, ES, and SOAR.
- Perform regular system checks, updates, and patching across on-prem and cloud environments.
- Configure and troubleshoot federated search and Splunk Cloud issues.
- Onboard and normalise new log sources, ensuring data quality through regular reviews.
- Build and support dashboards, reports, and advanced queries to meet security and operational needs.
- Develop and maintain SOAR playbooks and automated security workflows.
- Oversee heavy forwarder infrastructure to ensure reliable log delivery.
- Work with security teams to support threat detection, vulnerability management, and incident response.
- Keep up to date with emerging security threats and trends.
- Support technical investigations and explore new tools to improve SIEM capabilities.

Key Requirements:
- At least 3 years of experience in cybersecurity, focusing on SIEM, threat detection, and vulnerability management.
- Hands-on experience with Splunk ES and SOAR, including working with data models and correlation searches.
- Knowledge of Splunk Cloud, including configuring and troubleshooting federated searches.
- Skilled in Splunk Search Processing Language (SPL) and creating dashboards.
- Experience managing large-scale Splunk environments, including clustered setups.
- Familiarity with automation tools, Git/GitHub, Docker, and Kubernetes.
- Excellent communication skills to explain technical information clearly to both technical and non-technical teams.
- Strong analytical and problem-solving skills with great attention to detail.
- Relevant Splunk certifications are preferred.

Salary Package: $200K-$230K (incl. Base, Super, and Bonus)
Job Ref: 4003067

TO APPLY: please click on the appropriate link.