Security Engineer - MOD DV - Inside IR35
Security Engineer (Splunk/Elastic) - MOD DV Cleared

Location: Hemel Hempstead
Type: 4-5 days on-site
IR Status: Inside
Rate: £500 - £750
Clearance: Must have active MOD DV
Contingency: Must be a sole British National
Length: Initial 6 months

Role Overview

As a Security Engineer, you will be leading the design, documentation and installation of security monitoring tools/platforms to provide data to the Security Operational Centre (SOC) for analysis. Your role will be pivotal in ensuring that they have the correct tooling operating to ensure that they can provide protection and monitoring of their clients. You will collaborate with cross-functional teams to assess risks, design controls, and define testing requirements.

Key Responsibilities/Technical Skills:

Splunk (Enterprise & ES):
Advanced SPL for correlation searches, data models (CIM), notable events, risk-based alerting (RBA), and accelerated data sets.
Proficient in TA/TAF configuration, props/transforms, parsing/line-breaking, and source type normalisation.
Experience with KV store, summary indexing, search head clustering, indexer clustering, and deployment Servers.

Elastic (Elastic Stack/Elastic Security):
Hands-on with index life cycle management (ILM), ingest pipelines, ECS mapping, transforms, and enrichment.
Experience designing and tuning detection rules (KQL, EQL), response actions, case workflows, and Elastic Security posture features.
Skilled in Fleet/Agent deployment, data stream design, and performance tuning at scale.

S