This position will be fully remote and can be hired anywhere in the continental U.S.
Initially, this will be a 3 weeks, unaccompanied engagement supporting United States Africa Command (USAFRICOM) in Stuttgart, Germany. After the 6 months, you can work remotely in the continental U.S.
We are looking for a highly skilled Splunk SOAR Engineer to join our cybersecurity team. The ideal candidate will be responsible for implementing, managing, and optimizing the Splunk SOAR platform to automate and orchestrate security operations. This role requires expertise in developing custom playbooks for various stakeholders, integrating with other security tools, and enhancing the overall security posture of the organization.
How you'll make an impact
SOAR Platform Management:
- Install, configure, and maintain the Splunk SOAR platform
- Ensure the platform operates efficiently and effectively, with minimal downtime
- Perform regular updates, patches, and upgrades to the SOAR software.
Playbook Development:
- Design, develop, and maintain custom playbooks to automate security incident response and other operational tasks
- Collaborate with stakeholders to understand their requirements and create tailored playbooks that meet their needs
- Test and validate playbooks to ensure they function as expected and deliver the desired outcomes.
Integration and Automation:
- Integrate Splunk SOAR with various security tools and technologies (e.g., SIEM, EDR, threat intelligence platforms)
- Develop and maintain automation scripts and connectors to enhance the capabilities of the SOAR platform
- Streamline security operations through effective automation and orchestration
Incident Response:
- Monitor and respond to security incidents using the Splunk SOAR platform
- Utilize playbooks to automate incident response workflows and reduce response times
- Perform root cause analysis and implement corrective actions to prevent future incidents
Collaboration and Communication:
- Work closely with security analysts, IT teams, and other stakeholders to gather requirements and provide support
- Conduct training sessions and workshops to educate stakeholders on using the Splunk SOAR platform and playbooks
- Communicate findings, recommendations, and status updates clearly to both technical and non-technical audiences
Continuous Improvement:
- Stay updated on the latest trends and advancements in cybersecurity and automation technologies
- Propose and implement enhancements to existing security operations and Splunk SOAR configurations
- Participate in professional development and training opportunities
What we're looking for
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
- Security certification (Security+, CISSP)
- Secret level clearance required. TS/SCI preferred.
- Platform certification (Linux+, RHCE, PCNSA, PCNSE)
- Proven experience with Splunk SOAR (formerly Phantom) or similar security orchestration, automation, and response (SOAR) platforms
- Strong background in developing and maintaining automation playbooks and scripts
- In-depth knowledge of cybersecurity principles, incident response, and security operations
- Experience with various security tools and technologies (e.g., SIEM, EDR, threat intelligence platforms)
- Excellent problem-solving skills and attention to detail
- Strong communication and interpersonal skills
- Relevant certifications (e.g., Splunk Certified Architect, Certified Information Systems Security Professional) are a plus
- Experience with other SOAR platforms and automation tools
- Knowledge of programming and scripting languages (e.g., Python, JavaScript)
- Familiarity with cloud security and hybrid environments
What you can expect from Optiv
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)
EEO Statement
Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.
Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities. For additional details on how Optiv + ClearShark uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.