Security Engineer - Splunk SME - Cyber Managed Services

The opportunity

As our Splunk SME / Engineer, you’ll be responsible for the design, implementation, and ongoing management of Splunk environments to support security monitoring, risk‑based analytics rule development, and SOAR playbook creation. This role also includes configuring and managing User and Entity Behaviour Analytics (UEBA), deploying use cases, and providing operational support to ensure their effectiveness.

You’ll develop and optimise searches, dashboards, alerts, and reports to enable data‑driven security decisions. Working closely with cross‑functional teams, you’ll integrate diverse data sources, enhance data ingestion processes, and continuously improve system performance and the organisation’s overall security posture.

This role can be performed from any of our EY offices across Australia. Our roles can potentially be adjusted to work flexibly with reduced hours. Please speak with us about potential options.

Your key responsibilities

• Design and run a scalable Splunk Cloud and on‑prem security platform that underpins enterprise‑wide threat detection and security monitoring.
• Build high‑quality detections, dashboards, and analytics that directly enable incident response, threat hunting, and data‑driven security decisions.
• Partner closely with SOC analysts and security teams to continuously improve Splunk use cases, data quality, and overall security capability.

Skills and attributes for success

• Strong hands‑on experience designing, administering, and supporting Splunk Enterprise and Splunk Cloud in a security (SIEM) context.
• Advanced proficiency in Splunk SPL, including building and tuning complex searches, detections, dashboards, and alerts.
• Proven experience onboarding and normalising diverse data sources into Splunk, including CIM mapping and data quality optimisation.
• Due to the nature of this role, Australian citizenship is required. Candidates must hold an NV1 security clearance, or be willing and eligible to obtain one.

Ideally, you’ll also have the skills and attributes below but don’t worry if you don’t tick all the boxes. We’re interested in your aptitude, attitude and willingness to learn. 

• Experience working with Splunk Enterprise Security, UEBA, and SOAR, including use case and playbook development.
• Exposure to integrating Splunk with broader security tooling such as firewalls, EDR, IDS/IPS, and threat intelligence platforms.
• Scripting or automation experience using Python, Bash, or PowerShell to streamline onboarding and operational tasks.
• Strong collaboration skills, with the ability to explain technical concepts clearly to security analysts and stakeholders.

What we offer you

At EY, we’ll fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. We’re proud to be recognised as the #1 WORK180 Endorsed Employer in the Top 101 Employers for Women 2026. Learn more.

• Career development: At EY, your career is yours to shape! We’ll develop you with future-focused skills and equip you with world-class experiences ey.com/au/careerdevelopment
• Flexible work arrangements: Our flexible work policies empower you to balance your professional and personal life, fostering a culture of trust and autonomy.

• A comprehensive benefits package: From a yearly wellness incentive, to access to additional 8 weeks of flex leave per year, and family-friendly policies, including 26 weeks of gender-neutral paid parental leave, we cater to your diverse needs to help you thrive both personally and professionally www.ey.com/au/benefits    

• Salary: We offer a competitive salary which is open to negotiation pending on skills and experience.

Acknowledgement of Country

EY acknowledges the Traditional Owners and Custodians of the lands on which EY offices are located around Australia. We pay our respects to their cultures, and to their Elders — past, present, and emerging. Find out more about our vision for reconciliation at ey.com/en_au/careers/indigenous


Inclusiveness is core to who we are and how we work together, driving value for our people and for our business. We encourage applications from people of all ages, nationalities, abilities, cultures, sexual orientations, and gender identities and are committed to providing an equitable and barrier free recruitment experience for all. We encourage you to share any support and adjustments you need to be your best and participate equitably in our recruitment process. We understand sharing your needs with us can be daunting, so if you have questions before or during your application, we welcome you to get in touch at contactrecruitment@au.ey.com or +61 3 8650 7788 (option 2). Anything you tell us will be kept completely confidential.

Are you ready to shape your future with confidence? Apply today.

#LI-Hybrid 

EY | Building a better working world 

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider. 

© 2025 Ernst & Young Australia. A member firm of Ernst & Young Global Limited. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation.