National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Security Architect Lead

Matchtech
Greater London
1 month ago
Create job alert

Job summary

We are seeking an experiencedSplunk Engineer / Security Architectto lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment.

Key skills required for this role

Splunk SaaS SIEM Architecture Cyber Security Operations Centre (CSOC) AWS Infrastructure MITRE ATT&CK Framework SOAR Integration

Important

Splunk SaaS SIEM Architecture Cyber Security Operations Centre (CSOC) AWS Infrastructure MITRE ATT&CK Framework SOAR Integration

Job description

Splunk Engineer / Security Architect
Location:Hybrid - Remote with up to 2 days/week in
Contract Duration:9 months (192 working days)
Active SC clearance required


Role Overview


We are seeking an experiencedSplunk Engineer / Security Architectto lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting the maturity of security operations.


This role is aligned to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies.


Key Responsibilities

Produce and maintain architecture diagrams, high- and low-level design documentation


Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.)
Drive use case development aligned with CSOC and MITRE ATT&CK framework
Attend and represent the project at key technical forums (ADF, TDA, workshops)
Deliver improvements to SIEM architecture, use cases, automation, and data enrichment
Improve onboarding processes for directorates and manage onboarding QA
Lead integration of SOAR, Attack Analyzer, and other tooling into operational use
Standardise collection tier components using Infrastructure as Code (IaC) where possible

Essential Skills & Experience

Strong experience inSplunk SaaSas a lead engineer and/or architect


Deep understanding ofSIEM Engineering & Architecture, particularly in CSOC environments
Demonstrated experience leadingend-to-end SIEM improvement initiatives
Proven ability to define and implement change within complex cyber environments
Excellent documentation, communication, and stakeholder engagement skills
Solid AWS infrastructure knowledge (EC2, S3, SQS, etc.)

Desirable Skills & Experience

Experience with SIEM convergence from legacy platforms


Familiarity with tools such as JIRA, Confluence, Git
Background in Ethical Hacking, IDAM, PKI, or broader information security disciplines
A team-oriented, adaptable mindset with a problem-solving approach

Required Qualifications

Splunk Cloud Administrator


Splunk Enterprise Security
Splunk SOAR Administrator
Splunk Certified Cybersecurity Defence Analyst
Cloud Security Architecture (CSA)
Microsoft Azure Infrastructure Solutions

Desirable Certifications

Certified Information Systems Security Professional (CISSP)


Ethical Hacking & Intrusion Prevention
Information Security Management Systems (ISMS)
Identity Access & Management (IDAM) Share

manages this role

Matchtech is a STEM Recruitment Specialist, with over 40 years’ experience

Related Jobs

View all jobs

Security Architect Lead

Security Architect Lead - 12-month Contract - SC Cleared

Security Architect Lead

Security Architect

Principal Enterprise Security Architect

Cyber Security Architecture and Innovation

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.

Jobs

Cyber Security Jobs Employer Hotlist 2025: 50 UK Companies Actively Hiring Right Now

Bookmark this guide—refreshed every quarter—so you always know who’s really expanding their cyber security teams. Ransomware payouts broke records in 2024, the UK’s new Cyber Security Bill imposed mandatory breach disclosure, and the National Cyber Force’s move to Samlesbury has super‑charged the northern skills market. Result? Demand for security architects, SOC analysts, penetration testers, cloud‑security engineers, threat hunters & GRC specialists is at an all‑time high in 2025. Below you’ll find 50 organisations that have posted UK‑based cyber security vacancies or announced head‑count growth during the past eight weeks. They’re organised into five quick‑scan categories. For every employer you’ll see: Main UK hub Example live or recent vacancy Why it’s worth a look (tech stack, culture, mission) Search any company on CyberSecurityJobs.tech to view current ads, or set a free alert so fresh openings land straight in your inbox.

Jobs Careers

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.