SIEM Support - Splunk Consultant
Location: Hybrid - Primarily Remote with occasional onsite visits
Onsite Location: Redhill
Contract Length: Initial 60-90 days
Start Date: ASAP
Rate: £600 per day
Engagement: Contract
Overview
We are seeking an experienced SIEM Support Consultant with strong Splunk expertise to support an existing Splunk Cloud deployment. The role will focus on onboarding assets, integrating data sources, and documenting the current SIEM environment.
This role requires someone capable of working independently in a mature Splunk environment, ensuring assets and systems are successfully integrated while maintaining clear operational documentation.
The consultant should have a strong cross-platform background across Unix/Linux and Windows (Wintel) environments.
Key Responsibilities
Onboard new assets and systems into an existing Splunk Cloud SIEM environment
Configure and validate log ingestion and data sources
Support integration of Unix/Linux and Windows-based systems
Document the existing Splunk architecture, integrations, and onboarding processes
Troubleshoot ingestion issues and ensure data is correctly parsed and indexed
Work closely with internal security and infrastructure teams
Maintain high-quality documentation for SIEM operations and asset onboarding
Operate independently within an established Splunk Cloud environment
Required Skills & Experience
Strong experience with Splunk (particularly Splunk Cloud)
Hands-on experience onboarding assets and data sources into SIEM platforms
Experience supporting SIEM operations and log management
Strong working knowledge of Unix/Linux environments
Strong working knowledge of Windows/Wintel systems
Experience documenting technical environments and processes
Ability to work autonomously in a security-focused environment
Desirable Experience
Experience working within secure or highly regulated environments
Familiarity with SIEM architecture and security monitoring processes