Job Description
They have just renewed Splunk for another three years. Yep, they’re in deep, and have an exciting product roadmap ahead. They have an excellent Application Engineer who has been in there a while, so you won’t be there alone. So if you've been living and breathing Splunk and you’re tired of chaotic environments, here's your chance to shape something from the ground up.
This is a large, complex environment where Splunk is critical to the SOC, and a big chunk of your time will be spent supporting and developing the platform. They're looking to get smarter with how they use it — not just keeping the lights on, but making things faster, cleaner, and more useful. Think about building out apps, tuning correlation searches, making sure data’s clean and normalised, and ensuring detection engineers aren’t working with terrible data.
They're currently onboarding new logs, fixing bad data, and normalising sources. You’ll work closely with engineers to make sure they’re getting what they need to do their jobs properly.
You'll need to be strong in Splunk, know your way around props.conf and transforms.conf, be comfortable with scripting (Python or bash is fine), and have a sense of humour when things break. Because they will. And you'll fix them.
russell@theonset.com.au / 0438984265