The Role:

The Monitoring Engineer (Enterprise Security) within the Infrastructure Group will be part of the team responsible for managing the services that power real-time monitoring, logging, tracking and alerting for the IT business of our global health organisation.

The Monitoring Engineer (Enterprise Security) has a broad range of responsibilities, with a primary emphasis on Splunk Enterprise Security operations. They will work closely with Management, the Cyber Security and Incident Response teams, and other internal organisations to serve as one of the subject matter experts on the configuration of Splunk and Splunk ES to monitor large-scale enterprise systems solutions.

Job Responsibilities:

Responsible for the company's Splunk and Splunk ES environment, including data source onboarding, content development, alert creation, access administration, dashboard and application design and development.
Engineer, develop, implement, administer and deliver solutions for the SIEM platform centred on Splunk Enterprise Security.
Assist the Cyber Security team in developing security-focused content for Splunk, including creating complex threat detection logic and operational dashboards, troubleshooting issues, and analysing, identifying, and tuning Splunk user dashboards for performance.
Provide coaching and mentorship to technology teams, including Cyber, to enable Splunk ES to satisfy their business goals.
Engage and work with the business to research, analyse and review business, functional and technical requirements, design and support implementations, conduct diagnostics, create design documents, prepare test data, and build and deliver monitoring solutions.
Develop and comprehensively document new processes, procedures and solutions.
Work in a team-oriented environment to deliver team goals and effectively handle multiple priorities.
Work independently and achieve results, remaining flexible and responsive to changes in requirements.
Be willing to learn and advise on issues relating to existing and new technologies.
Implement event logging, secure coding standards and data access management.
Organise tasks, responsibilities and priorities using appropriate time management skills to deliver high-quality work.
Define, maintain, and enforce best practices for the Splunk practice.

Key experience and knowledge:

3+ years of experience administering or developing Splunk in an enterprise environment.
1+ year of experience administering Splunk ES.
Experience working with internal stakeholders, both at the IT and business levels.
Must have a thorough knowledge of information security components, principles, practices, and procedures.
Extensive experience implementing Enterprise Security event processing and normalisation, technology add-ons, risk analysis settings, threat intelligence and protocol intelligence configuration.
A solid understanding of Splunk data acquisition, dashboard design, Splunk searching and optimisation, Splunk reporting, Splunk knowledge objects, regex, data normalisation and the Splunk CIM.
Experience working both independently and in a collaborative, team-oriented environment.
Must have a thorough knowledge of web application, infrastructure, and internet security and a general understanding of common operating systems, networking protocols, server, database, and application development in an enterprise-level environment.
Strong communication skills, with attention to detail and a high level of accuracy in written and spoken communications.
Strong foundations in one or more of the following languages: Python, Bash, PowerShell.

If you would like to discuss this role in more detail, please get in touch with Kelly Razlog.
📱 0408 241 208
💻 firstname.lastname@example.org

At Randstad, we are passionate about providing equal employment opportunities and embracing diversity to the benefit of all. We actively encourage applications from any background.