Job Details
  • Reference357688A_1588553669
  • LocationCanberra
  • SalaryNegotiable
  • Job TypeContract
  • Postedabout 1 month ago
  • ConsultantPrasad SP

Our Federal Government client is seeking to engage a Splunk support on an initial contract of 3 Years, with an extensions upto 2 Years.


Key Responsibilities :

  • Experienced Splunk personnel to provide support and maintenance to the client's -Splunk Enterprise Security (ES) instance, migration to new versions and upgrades to new versions over the life of the contract.
  • Splunk onsite support for maximum of 120 days per annum maximum for the next 3 years.
  • Provide pricing (hourly rate) for experienced Splunk personnel to provide services outside of the above on a times and material basis.
  • 3 years experience in implementing and supporting Splunk Enterprise Security
  • The vendor is required to provide onsite support at the client, Canberra ACT.

    Services to include but not limited to:
  • Work in the IT Security team reporting weekly to the Assistant ITSA
  • Provide periodic health checks every 3 months and provide a summary report
  • Assist in resolving ad hoc queries
  • Creation of Enterprise Security use cases, dashboards, reports and alerts and monitoring console health check
  • Skills transfer Splunk instance to Finance staff for daily monitoring regarding dash boards, investigation and reporting
  • Maintain Splunk documentation
  • Comply with client's Change Management process
  • Providing ongoing knowledge transfer for the Departments Splunk Admins
  • Provide a walk-through of Splunk ES functionality for the Departments Splunk Admins
  • Optimizing out-of-the-box content and ES Content Updates (ESCU)
  • The ability to integrate from additional data sources
  • Ability for client to meet any ANAO reporting requirements in a timely manner
  • Splunk Enterprise Security instance must be in accordance with all applicable Australian Signals Directorate's 2020 Information Security Manual (ISM) controls.
  • Of important note, to protect both client and the Service Provider is that the client Applications\Systems contain data classified at 'PROTECTED'.
  • Splunk certifications or demonstrated 3 years experience in supporting and maintaining Splunk Enterprise Security
  • Service Provider to indicate the number of specified personnel it proposes to use for the provision of the Services.

    Due to nature of work , candidate for this position is required to be an Australian citizen with NV1 Security Clearance .

    If you feel you are a suitable candidate then submit your application by hitting "Apply for this job". Alternatively, you can call Soham Dingare on 02 6268 9915 / for further discussion.