Overview
On Site
Full Time
Accepts corp to corp applications
Contract - Independent
Contract - W2
Skills
Dashboard
SPL
Firewall
Use Cases
Real-time
Incident Management
Management
Performance Tuning
Workflow
Documentation
Reporting
Scripting
Performance Metrics
Return On Investment
Collaboration
Training
SOC (Security Operations Center)
SIEM
Threat Analysis
Python
Web Development
JavaScript
Cascading Style Sheets
Data Modeling
Splunk
Cloud Computing
RESTful
JIRA
ServiceNow
Palo Alto
Git
Version Control
Job Details
Job Summary:
- Playbook Development:
- Design, develop, test, and deploy automated playbooks using Splunk SOAR visual editor or Python.
- Translate incident response procedures into automated workflows.
- Optimize and refine playbooks for enhanced performance and efficiency.
- Integration & App Development:
- Requires 6+ years of hands-on experience designing and developing Splunk applications.
- Develop custom Splunk applications, dashboards, add-ons, and data models using Python, Splunk SPL, SimpleXML, or JavaScript/CSS.
- Integrate Splunk with enterprise applications and third-party security tools (EDR, firewalls, threat intel platforms, ticketing systems, etc.).
- Translate business requirements into Splunk technical solutions.
- Enhance SOAR capabilities by developing or modifying custom apps using REST APIs and Python.
- Automation Strategy & Implementation:
- Collaborate with stakeholders to identify automation use cases.
- Lead end-to-end implementation of SOAR use cases, from design through production.
- Security Incident Handling:
- Support real-time incident response using SOAR for alert correlation, triage, and response.
- Create response templates and automated incident reports.
- Platform Management:
- Maintain and administer the Splunk SOAR (formerly Phantom) platform, including upgrades and performance tuning.
- Monitor system logs and troubleshoot connectivity, app execution, and workflow issues.
- Documentation & Reporting:
- Document playbooks, scripts, and integrations.
- Generate reports on SOAR activities, performance metrics, and automation ROI.
- Collaboration & Training:
- Train SOC staff and stakeholders on SOAR usage and best practices.
- Work collaboratively with Splunk SIEM and threat intelligence teams.
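The "Security Incident Handling" duties above (alert correlation, triage, response templates and automated incident reports) are what a SOAR playbook automates. The following is an added illustration, not code from the job posting, from Splunk, or from any Splunk SOAR playbook, and it deliberately does not use the phantom.rules API: it models in plain Python what such a playbook does with a container (one alert plus its artifacts), so it runs offline. The threat-intel table, the crown-jewel asset list, the scoring weights and the sample alert are all constructed for the example.

```python
"""Playbook-style alert triage in plain Python (added example; not Splunk SOAR
code and not the phantom.rules API). Steps mirror a typical triage playbook:
collect artifacts from a container, deduplicate indicators, enrich them
against threat intelligence, score the incident, choose a response action,
and render an incident report from a template."""

from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed threat-intel feed: hypothetical indicators, not real IOCs.
THREAT_INTEL = {
    "ip": {"203.0.113.45": {"malicious": True, "tag": "c2"}},
    "sha256": {"a" * 64: {"malicious": True, "tag": "ransomware"}},
    "domain": {"example.invalid": {"malicious": False, "tag": "benign"}},
}

# Constructed list of assets whose involvement escalates the incident.
CROWN_JEWELS = {"dc01", "pay-db-01"}

# Assumed mapping from the source tool's severity to a base score.
SEVERITY_BASE = {"low": 10, "medium": 30, "high": 60, "critical": 90}


@dataclass
class Artifact:
    kind: str          # "ip", "sha256", "domain" or "host"
    value: str
    host: str = ""     # host the artifact was observed on, if any


@dataclass
class Container:
    """One alert plus its artifacts, like a SOAR container."""
    cid: int
    name: str
    source_severity: str
    artifacts: list = field(default_factory=list)


def collect_indicators(container):
    """Deduplicate indicators by (kind, value); collect affected hosts."""
    seen, hosts = {}, set()
    for a in container.artifacts:
        if a.host:
            hosts.add(a.host.lower())
        if a.kind == "host":
            hosts.add(a.value.lower())
        else:
            seen.setdefault((a.kind, a.value.lower()), a)
    return list(seen.values()), hosts


def enrich(indicators):
    """Return (artifact, tag) for indicators the intel table marks malicious."""
    hits = []
    for a in indicators:
        info = THREAT_INTEL.get(a.kind, {}).get(a.value.lower())
        if info and info["malicious"]:
            hits.append((a, info["tag"]))
    return hits


def score(container, hits, hosts):
    """Base severity + 25 per malicious indicator + 40 if a crown jewel is hit."""
    s = SEVERITY_BASE.get(container.source_severity.lower(), 10)
    s += 25 * len(hits)
    if hosts & CROWN_JEWELS:
        s += 40
    return min(s, 100)


def decide(score_value, hits):
    """Map the score to the action the playbook would take next."""
    if score_value >= 80:
        return "isolate_host_and_page_oncall"
    if score_value >= 50 or hits:
        return "create_ticket_and_block_indicators"
    return "close_as_informational"


REPORT_TEMPLATE = """Incident report for container {cid}: {name}
Generated: {ts}
Score: {score}/100  Action: {action}
Affected hosts: {hosts}
Malicious indicators ({n}):
{lines}"""


def render_report(container, s, action, hits, hosts, now=None):
    ts = (now or datetime.now(timezone.utc)).isoformat()
    lines = "\n".join(f"  - {a.kind} {a.value} [{tag}]" for a, tag in hits) or "  (none)"
    return REPORT_TEMPLATE.format(cid=container.cid, name=container.name, ts=ts,
                                  score=s, action=action, n=len(hits), lines=lines,
                                  hosts=", ".join(sorted(hosts)) or "(none)")


def triage(container, now=None):
    """Run the whole playbook over one container and return its results."""
    indicators, hosts = collect_indicators(container)
    hits = enrich(indicators)
    s = score(container, hits, hosts)
    action = decide(s, hits)
    return {"container": container.cid, "score": s, "action": action,
            "malicious": [(a.kind, a.value, tag) for a, tag in hits],
            "hosts": sorted(hosts), "unique_indicators": len(indicators),
            "report": render_report(container, s, action, hits, hosts, now)}


# Constructed sample alert: duplicated IP artifacts, a known-bad hash, a DC host.
SAMPLE = Container(
    cid=1042, name="EDR: suspicious process on dc01", source_severity="medium",
    artifacts=[Artifact("ip", "203.0.113.45", host="dc01"),
               Artifact("ip", "203.0.113.45", host="DC01"),
               Artifact("sha256", "A" * 64, host="dc01"),
               Artifact("domain", "example.invalid")])

if __name__ == "__main__":
    print(triage(SAMPLE)["report"])
```

In a real deployment the intel lookup, host isolation and ticket creation would be SOAR app actions against VirusTotal/MISP, the EDR and Jira/ServiceNow; keeping scoring and decision logic in small pure functions like these is what makes a playbook testable before it touches production tooling.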
Key Skills:
- Splunk Phantom (SOAR)
- Python programming
- Splunk SimpleXML/web development (JavaScript, CSS)
- Splunk app & add-on development
- Splunk data modeling
- Splunk Enterprise/Splunk Cloud
- REST API integration
- Experience with tools like Jira, ServiceNow, Palo Alto, CrowdStrike, VirusTotal, MISP, etc.
- Git for version control
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.