Splunk SOAR Developer
Chicago, IL, US • Posted 4 hours ago • Updated 4 hours ago

Black Rock Group
Job Details
Skills
- Splunk SOAR
- Splunk Phantom
- Splunk Enterprise Security (ES)
- Python 3.x
- REST APIs
- JSON
- Webhooks
- OAuth2
- Vendor SDKs
- Playbook Development
- Security Automation
- Security Orchestration
- Incident Response (IR)
- Security Operations (SOC)
- Threat Intelligence (TI) Enrichment
- EDR Integration
- CrowdStrike
- Microsoft Defender
- Carbon Black
- Okta
- Azure AD
- Proofpoint
- Microsoft 365 (M365)
- Palo Alto
- Fortinet
- VirusTotal
- Recorded Future
- ServiceNow
- Jira
- AWS
- Azure
- GCP
- Docker
- Kubernetes
- Git
- CI/CD
- Postman
- Swagger
- API Integration
- Secrets Management
- Key Vault
- Firewall Automation
- Cloud Security Response
- Automation Frameworks
- Adaptive Response
- Notable Events
- Alert Pipelines
Summary
Splunk SOAR Developer
Location: Chicago, IL 60661 OR Denver, CO
Work Model: 100% Onsite (No Remote)
Duration: 12+ Month Contract
Interview Process: WebEx Interview + Onsite Interview Required
Industry: Financial Services
Job Overview
We are seeking an experienced Splunk SOAR Developer to design, develop, and scale security automations in a high-availability enterprise SOC environment. The ideal candidate will have strong hands-on experience with Splunk SOAR (Phantom), advanced Python development, and deep knowledge of security operations workflows.
This role requires full onsite presence in Chicago, IL or Denver, CO.
Key Responsibilities
- Design and implement automated playbooks for:
  - Phishing investigations
  - Malware triage
  - Threat intelligence enrichment
  - VIP account protections
  - EDR containment
  - Firewall updates
  - Cloud response
  - Ticket lifecycle automation
- Develop custom Splunk SOAR apps/integrations using Python
- Integrate with REST APIs, webhooks, OAuth2, and vendor SDKs
- Improve automation reliability (error handling, retries, caching, scaling)
- Monitor and troubleshoot connector health and API integrations
- Collaborate with SOC and Incident Response teams to automate manual workflows
- Parse and transform JSON data, normalize artifacts, enrich IOCs
- Maintain CI/CD pipelines and version control using Git
- Define KPIs (MTTD/MTTR improvements, automation coverage, error rates)
- Follow security best practices (least privilege, secrets management, audit logging)
- Participate in on-call rotation (if required)
Required Skills & Experience
- 5-7 years of hands-on experience with Splunk SOAR (Phantom)
- Advanced Python (3.x) programming skills
- Experience building production-grade playbooks and custom integrations
- Strong knowledge of security operations (SOC/IR workflows)
- Experience integrating with tools such as: CrowdStrike, Microsoft Defender, Carbon Black, Okta, Azure AD, Proofpoint, M365, Palo Alto, Fortinet, VirusTotal, Recorded Future, ServiceNow, Jira, AWS, Azure, Google Cloud Platform
- Proficiency with:
  - REST APIs (authentication, pagination, rate limits)
  - JSON parsing
  - Postman / Swagger
  - Git workflows
  - CI/CD promotion across dev/test/prod
- Understanding of:
  - Splunk Enterprise Security (ES)
  - Notable events
  - Adaptive response frameworks
  - Alert pipelines
- Strong documentation and stakeholder communication skills
- Dice Id: 91166696
- Position Id: 8890524
Company Info
About Black Rock Group
At Black Rock Groups Inc, we specialize in providing top-tier human resource services tailored to meet the evolving needs of businesses across the United States. Our expertise spans talent acquisition, workforce management, employee engagement, compliance, and strategic HR consulting.
We empower organizations by delivering customized HR solutions that drive efficiency, productivity, and long-term growth. Whether you're a startup looking to build a strong team or an enterprise seeking to optimize workforce strategies, our dedicated professionals are here to support your business success.