Security Engineer (Splunk/Elastic) - MOD DV Cleared

Location: Hemel Hempstead Type: 4-5 days on-site IR Status: Inside Rate: £500 - £750 Clearance: Must have active MOD DV Contingency: Must be a sole British National Length: Initial 6 months Role Overview As a Security Engineer, you will be leading the design, documentation and installation of security monitoring tools/platforms to provide data to the Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that they have the correct tooling operating to ensure that they can provide protection and monitoring of their clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements. Key Responsibilities/Technical Skills: Splunk (Enterprise & ES): Advanced SPL for correlation searches, data models (CIM), notable events, risk-based alerting (RBA), and accelerated data sets. Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation. Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment servers. Elastic (Elastic Stack / Elastic Security): Hands-on with index lifecycle management (ILM), ingest ...