Defence Housing Australia (DHA) recently delivered a security monitoring and logging project and is seeking to engage a suitable qualified and experienced engineering service provider to deploy further features to our new Splunk SIEM and engineering a migration of the remaining core logs and alerts from our former SIEM.

Deliverables

The below deliverables are expected to be met within a 160-hour block of work. DHA requires a resource to work onsite at DHA Head office in Gungahlin ACT for two days per week over 11 weeks. This will allow the remaining three days for DHA to evaluate what has been delivered and to fine tune any additions or deductions from a deliverable to maintain accurate timekeeping and value for money during the engagement.

• Configuration of Splunk stream – to enhance DNS log visibility
• Additional log ingest activities
• Increase and fine tune SAAS platform log ingest
• Fine tune alerting capability based on an internal health check report
• Dashboard creation for Integrity and Executive areas
• Splunk app configuration
• SOAR capability
• Ingest patterns

Direct reporting of this project will be to the DHA Cyber Security Manager.

Priorities will be determined based on a discussion with the resource engaged to assist with the engineering services. Where time constraints are identified, DHA may request documentation in place of implementation.

Mandatory Requirements

• Demonstrated experience in delivering Splunk within government, or a medium to large agency
•  NV1 security clearance essential
•  CV of proposed resource to be provided as part of submission
•  A single resource to be provided for the duration of the engagement