Senior AWS Splunk SME Engineer

  • Anywhere
  • Anywhere


Our Global Cyber Security Engineering Team is currently seeking a Senior AWS Splunk SME Engineer to be a part of their tech motivated team! The team is predominantly based in York, Bristol or Norwich – however, we are flexible with location and the role can be based at one of our offices convenient to your location or home based.

Aviva is increasingly leveraging the cloud for applications and services which needs to be made secure via multiple toolsets and technologies.  We require your experience to assist us with achieving our business objectives via mitigation of any incidents or risks through the adoption of industry standard methodology via policy, effective risk management, assurance and training.

As the Senior AWS Splunk SME Engineer, you will work within the wider Global CISO business unit.  Your main responsibility will be to design, deploy, manage and maintain the AWS Splunk infrastructure and provide technical leadership to a team of DevSecOps Engineers. The role will require flexibility across all time zones as it involves engagement with colleagues from all locations of the global Aviva business.

Responsibilities in the role:

  • Support, improve and administer a hybrid enterprise Splunk platform
  • Contribute to overall product development and implementation of Splunk extensions/apps, configuring and optimising performant searches across terabytes of data ingest per day
  • Responsible for delivering service improvements which include platform tuning, process automation and configuration management
  • Implement, monitor and performance management to ensure health of the platform
  • Ability to understand complex network topologies to support delivery of new agent configurations
  • Ability to troubleshoot Splunk issues – work with Splunk support and product development teams to resolve issues and influence product decisions
  • Engage with stakeholders to understand user requirements and deliver customised dashboards, alerts, reporting for on-premises and cloud hosted products and services
  • Take ownership of incidents and alerts, chasing third-party suppliers and escalation where required
  • Support out of hours on-call service
  • Analysis of management information and delivery of onward reporting
  • Automate general operational tasks where possible (certificate renewals, patching agents, etc.)
  • Optimise performance of the monitoring solution as a whole between major releases (evaluate ebs throughput, iops, changing data collection methods s3 to kinesis etc.)
  • Continuous planning/roadmap for features/enhancements/future state etc
  • Be the main escalation point before speaking to the vendor
  • Check data quality of the current AWS data sources
  • First line of escalation for runtime issues in production
  • Create/monitor general reports (Splunk license capacity, Splunk resource usage (memory/CPU), uptime, crash analysis, data/license consumption by business unit/application, etc.)
  • Manage the monitoring agents (Splunk, SSM, CloudWatch logs agent, database activity monitoring etc.) health and reporting on it (uptime, working state etc.)

Skills and experience we’re looking for:

  • Experience of agile ways of working and DevSecOps
  • Architecture and delivery of Splunk solutions in cloud environments
  • Automation deployment and testing (Terraform and Ansible)
  • Experience in working with AWS cloud
  • Splunk Enterprise Cluster Administration for large scale multi-site deployments
  • Basic Network Protocol knowledge (TCP/IP, DNS, SMTP, SNMP, UDP, etc)
  • Splunk Common Information Model, RBAC and permissions
  • Experience of working with Windows server administration
  • Splunk data models and dashboards
  • Have scripting experience in one or more of the following: Python/Bash /PowerShell
  • Splunk configurations, dependencies, and forwarder management
  • Familiar with the following Web technologies – HTML, CSS, JavaScript & Simple XML
  • Splunk advanced search, reporting and Splunk enterprise security
  • Experience in Splunk platform upgrades
  • Linux operating system (Red Hat preferred)

What will you get for this role?

  • Competitive salary depending on location, skills, experience, and qualifications
  • A generous defined contribution pension scheme
  • Annual performance related bonus and pay review
  • A holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
  • Up to 40% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family (some exclusions apply)
  • Excellent range of flexible benefits to include a matching share save scheme

Working at Aviva

At Aviva, we’re people with a purpose. To be with you today, for a better tomorrow.

We bring this to life by ensuring risk handling is at the heart of the way we all work. We love people who do the right thing for our customers, and our colleagues. We want people who speak up, who take ownership, and who make good decisions.

The way we do this is important too. We always ‘Care More’. It’s our thing. We’re all about our people – that’s you – so we can be pretty flexible. If you want to work from home some of the time or change your hours so you can pick up your kids or care for someone in your family, we’re very open to that. In fact, we don’t advertise roles as either part or full time, because we know each person has different needs, just as each business area has different needs. So, it’s up to you to discuss working hours during your interview.

We care deeply about being inclusive and that means we encourage applications from people with a diverse group of backgrounds and experiences. We want our employees to bring their whole self to work and that starts with you.

We interview every disabled applicant* that meets the minimum criteria for the job . Once you’ve applied, please send us a separate email stating that you have a disclosed disability, and we’ll make sure we interview you.

We’d love it if you could submit your application online . If you require an alternative method of applying, please give Lacey Lane Mckoy a call on 0207 255 0884 or send an email to [email protected]

*As defined in The Equality Act 2010 *. By ‘ minimum criteria’ we mean you should provide us with evidence which demonstrates that you generally meet the level of competence required and have the qualifications, skills or experience defined as essential to perform the role.

To apply for this job please visit

To apply for this job please visit

Contact us


Related Jobs