
Big Data Engineer (Splunk)

UK-Greater London-Hayes
Cyber Security, System Administration / Engineering

Job Overview

Overview & Responsibilities

Howdy and welcome to the world of ‘Big Data Analytics’ here at Rackspace.


Do you love everything about Splunk, Big Data Analytics & Linux? Well, Rackspace needs YOU!


As one of the largest data controllers and processors in the hosting world, Rackspace sits on the proverbial mountain of data emanating from systems, tools, machines and people.



This new and exciting role is designed specifically to make sense of all the “1’s” and “0’s” in order to drive real benefit to the business and her customers. You will be empowered to dive into this world and start to combine multiple bleeding-edge data feeds into intelligence Rackspace can use to drive improvements in “security & compliance”, “marketing”, “customer support” and “automation services”, to name a few.


The Analytics team here has partnered with industry leaders in log ingestion and data science to make the best viable products we can. Not only does the team provide business context and analysis of the performance of teams, it also directly provides the systems and services our security teams utilise on a day-to-day basis in the fight against bad actors.


We truly believe in eating our own dog food: what works well for our internal teams we offer to our customer-facing teams, and you will have the opportunity to drive and influence this product set.





This role is located within the global enterprise security team and focuses on “Big Data” management for the internal security team as well as other business units. The organisation requires individuals to manage the underlying infrastructure, which comprises virtual and physical servers and networking components, manage the CentOS 7 operating system, and configure, deploy and upgrade the Splunk application that the platform heavily relies upon. The individual is expected to bring a high level of proficiency across all segments of the role and, as a core capability, have a deep understanding of the Splunk application.




  • Build, install and upgrade the platform as required. Specify the Splunk and host operating systems.
  • Monitor in real time platform performance, capacity and outages
  • Deliver automation scripts and process improvements in line with continuous improvement methodologies.
  • Undertake Problem, Incident and change management processes in line with ITIL methodologies
  • Participate in system upgrades and patching
  • Provide subject matter advice / consultancy with respect to data ingestion, manipulation and associated standards
  • Undertake customer requests in line with business requirements for data onboarding and user access.
  • Carry out triage of security health events and elevate their priority to incident when required
  • Initiate the escalation procedure to counteract potential tool failures
  • Influence and participate in the development of architectural standards
  • Deliver documentation required such as high / low level design, wiki guides and build standards.
  • Mentor and coach less experienced members of staff
  • Respond to customer-related queries received via phone, email and ticketing systems in a timely and accurate manner.
  • Provide customer service that exceeds our customers’ expectations
  • Provide incident remediation and prevention documentation
  • Document and conform to team processes
  • Provide performance metrics as necessary
  • Provide advisory services to the business in order to increase overall security posture
  • Provide subject matter expertise on security projects and ensure security controls are implemented according to defined policies
  • Participate in business security awareness and training initiatives
  • Provide guidance and mentoring to new and existing members of the team
  • Single point of contact for issues and vendor communications
  • Make recommendations to architecture based on observations and investigations driven individually



  • Splunk Administration certification or suitable industry experience.
  • Command of operating systems administration – Windows, LINUX and UNIX
  • Understanding of secure coding practices
  • Understanding of TCP/IP
  • Strong understanding of common protocols and services such as FTP, HTTP, SMB, LDAP and SSH
  • Knowledge and experience of network and server hardware infrastructures and storage technologies (NAS, SAN)
  • Understanding and experience with a minimum of two of the following programming languages: .NET, PHP, Perl, Python, Java, Ruby, C, C++
  • Strong experience of virtualization technologies
  • Proven experience working with network switches, routers, and firewalls
  • Typically a Bachelor’s degree or suitable industry experience
  • Good customer service skills
  • Strong attention to detail
  • Strong analytical and problem solving skills
  • Strong time management skills with the ability to multi-task
  • Strong verbal and written communication skills
  • Ability to work a flexible schedule
  • Ability to handle high pressure situations in a productive and professional way
  • Ability to multitask and be flexible, in an environment of rapid change
  • Vendor based certificates (such as Splunk, RHEL, Cisco and SourceFire)



  • Hands-on experience running security toolsets
  • Membership of a security organisation (such as IISP)
  • RHEL certification or suitable industry experience
  • Experience of system orchestration tools – Salt, Ansible, etc.
  • Splunk Certification