Engineer - Splunk

Key Responsibilities

• Own the build, operation, and continuous improvement of the Splunk SOAR service. 
• Design, develop, review, and maintain Splunk SOAR playbooks to support security detection, investigation, and response. 
• Translate security use cases, incidents, and operational requirements into effective automated workflows. 
• Test SOAR playbooks thoroughly and manage controlled deployment into production environments. 
• Ensure playbooks and integrations follow security engineering best practices and governance requirements. 
• Work closely with SOC analysts, security engineering teams, and stakeholders to optimise automation outcomes. 
• Perform playbook tuning, troubleshooting, and enhancements to improve reliability and response times. 
• Maintain clear technical documentation for playbooks, integrations, and processes. 
• Support live security operations where SOAR automation is involved. 
• Manage your own queue of work, prioritising tasks and communicating progress effectively. 
• Engage directly with customers, providing technical guidance, support, and assurance. 

Skills, Knowledge & Expertise

• Proven experience as a Splunk Engineer, Splunk SOAR Engineer, or similar security automation role. 
• Strong hands‑on experience developing and managing Splunk SOAR playbooks. 
• Solid understanding of Splunk platform architecture, including:  
• Search heads, indexers, forwarders 
• Data ingestion and performance considerations 
• Strong experience using Splunk SPL (Search Processing Language). 
• Experience integrating Splunk SOAR with security tools such as SIEM, IAM, EDR, firewalls, and ticketing platforms. 
• Strong understanding of security engineering best practices, including incident response and automation safety. 
• Good understanding of security governance, policies, and control frameworks. 
• General understanding of software development practices, including:  
• Version control systems (e.g. Git) 
• Code review and release controls 
• Familiarity with CI/CD pipelines and deployment workflows. 
• Ability to work independently and take ownership of delivery and outcomes. 

• Practical knowledge of Python, particularly for playbook actions, scripting, or custom integrations. 
• Experience working with AWS and/or Azure environments. 
• Understanding of cloud security principles and services. 
• Knowledge of security engineering controls, particularly identity and access management (IAM). 
• Experience working with APIs, webhooks, and automation integrations. 
• Familiarity with AI‑driven SOC capabilities, such as:  
• AI‑assisted alert triage or incident enrichment 
• Use of AI within detection and response workflows 
• Experience using AI security coding tools or AI‑assisted development tools. 
• Exposure to infrastructure automation or infrastructure‑as‑code concepts. 
• Experience supporting managed security services or customer‑facing security platforms. 

• Strong customer‑facing skills, able to communicate clearly and confidently with technical and non‑technical audiences. 
• Highly organised, with the ability to manage your own workload and priorities effectively. 
• Analytical and methodical approach to problem‑solving and automation design. 
• Proactive mindset with a focus on continuous improvement. 
• Comfortable operating in fast‑paced, security‑critical environments. 
• Collaborative team player with a strong sense of ownership and accountability. 

Job Benefits

• Flexible Working: Balance your work and personal life with our flexible working options.
• Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
• Medicash & Critical Illness Scheme
• Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
• Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
• Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
• Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
• Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
• Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.