(Urgent) Splunk Engineer - Cribl (NV1)

5 days ago


Council of the City of Sydney, Australia ROBERT WALTERS AUSTRALIA Full time

Overview

Long-term contract to utilise strong Splunk and Cribl skills in an NV1 cleared environment. Experience with Splunk Phantom/SOAR highly desirable.

You will be working across different projects from a Splunk perspective, on use case development, log ingestion setup and, in some cases, the setup and build of a Splunk SIEM.

This role can be based anywhere across Australia, but you will be working on East Coast time zones. The interview process is quick: one round, two at most, with no DIY/take-home tasks.

This role requires deep expertise in modern security data architectures, large-scale log ingestion, data transformation, and federated search across SIEM and Data Lake platforms. You will help design, implement, and optimise scalable logging and SOC integration architectures to deliver cost efficiency, operational resilience, and readiness for next-gen SOC operations.

Aboriginal and Torres Strait Islander Peoples are encouraged to apply. To apply please click apply or call Paolo Paparo on 02 8289 3150 for a confidential discussion.

Key Responsibilities

- Design and implement security data pipelines (e.g., Cribl, Splunk DMX, Kafka-based pipelines).
- Architect and optimise Security Data Lakes (AWS Security Lake, Snowflake, Delta Lake).
- Configure and manage SIEM platforms (Splunk, Microsoft Sentinel, or equivalent).
- Develop log rationalisation, enrichment, suppression, and parsing strategies.
- Build and manage data ingestion frameworks, schema management, and ETL/ELT pipelines.
- Enable federated search and cross-platform analytics across SIEMs and data lakes.
- Support SOC onboarding by integrating SIEM pipelines with SOAR, TI, and case management systems.
- Conduct readiness validation and performance benchmarking of logging and SOC onboarding architectures.
- Provide knowledge transfer, documentation, and operational playbooks.

Required Skills & Experience

- 5+ years’ experience in security operations engineering, SIEM, or data platforms.
- Data engineering expertise in log ingestion, schema transformation, and distributed systems.
- Strong expertise with at least one security data pipeline (Cribl Stream, Splunk DMX, Fluentd, Logstash).
- Hands-on experience with data lakes (AWS Security Lake, Snowflake, Microsoft Fabric, or Delta Lake).
- Proficiency in SIEM platforms (Splunk Cloud/Enterprise Security, Microsoft Sentinel).
- Strong scripting and automation skills (Python, SQL, PowerShell).
- Familiarity with cloud environments (AWS, Azure, GCP).
- Strong experience with SOC onboarding workflows and integrations (ticketing, SOAR, TI).
- Excellent communication and documentation skills.

Job Details

Contract Type: Contract

Focus: Cyber Security & Risk

Salary: AUD120 - AUD138 per hour + incl. super (or plus GST)

Workplace Type: Remote

Experience Level: Mid Management

Location: Sydney

Job Reference: 06GTAH-8F3F8ABE

Date posted: 10 October 2025


