**Note - this is a SIEM security-focused Engineer position**

We’re on the lookout for a Senior Splunk Engineer to join a major financial services environment based in Sydney’s CBD. This isn’t your run-of-the-mill SIEM gig: think one of the top 10 heaviest Splunk instances globally.
What’s the role all about?
- Building, managing, and maintaining a complex Splunk environment
- Working closely with automation, DevOps, and engineering teams to drive efficiency
- Supporting log onboarding, TA upgrades, data normalisation and transformation
- Collaborating with threat detection and security teams, but this role is engineering-first, not analyst-focused
- Playing a key role in a multi-year modernisation program around data quality, automation, and scalability
You’ll be joining a small but skilled team with real investment behind Splunk (recently renewed for another 3 years). You'll also work with a mix of specialists and generalists across security, infrastructure, and application domains.
What kind of person thrives here?
- Someone who’s switched on, collaborative, and confident working in a fast-paced, regulated environment
- Resilient, resourceful, and able to lead projects and influence outcomes
- Deep in Splunk, but flexible enough to contribute across infrastructure, DevSecOps, and tooling
- Comfortable with autonomy, you’ll be trusted to lead from the front, along with a top-class team
Bonus points for:
- Experience with Splunk UBA or similar tools
- Strong scripting/automation chops
- Exposure to large enterprise log environments (hundreds of varied sources)
Location & Flexibility
- Sydney CBD-based
- Hybrid setup – 3 days in office, including Monday and Friday
- Worth noting: full working rights will be required for this (citizenship or permanent residency).
Open to hearing more? Apply directly or reach out for a 100% confidential conversation.
harry@decipherbureau.com