Splunk SOAR Engineer – Secret Clearance | Remote, USA

This position will be fully remote and can be hired anywhere in the continental U.S.

Initially this will be 3 weeks, unaccompanied, engagement supporting United States Africa Command (USAFRICOM) in Stuttgart Germany. After the 6months you can work remotely in the continental U.S.

We are looking for a highly skilled Splunk SOAR Engineer to join our cybersecurity team. The ideal candidate will be responsible for implementing, managing, and optimizing the Splunk SOAR platform to automate and orchestrate security operations. This role requires expertise in developing custom playbooks for various stakeholders, integrating with other security tools, and enhancing the overall security posture of the organization.

How you'll make an impact

• SOAR Platform Management:

• Install, configure, and maintain the Splunk SOAR platform

• Ensure the platform operates efficiently and effectively, with minimal downtime

• Perform regular updates, patches, and upgrades to the SOAR software.

• Playbook Development:

• Design, develop, and maintain custom playbooks to automate security incident response and other operational tasks

• Collaborate with stakeholders to understand their requirements and create tailored playbooks that meet their needs

• Test and validate playbooks to ensure they function as expected and deliver the desired outcomes.

• Integration and Automation:

• Integrate Splunk SOAR with various security tools and technologies (e.g., SIEM, EDR, threat intelligence platforms)

• Develop and maintain automation scripts and connectors to enhance the capabilities of the SOAR platform

• Streamline security operations through effective automation and orchestration

• Incident Response:

• Monitor and respond to security incidents using the Splunk SOAR platform

• Utilize playbooks to automate incident response workflows and reduce response times

• Perform root cause analysis and implement corrective actions to prevent future incidents

• Collaboration and Communication:

• Work closely with security analysts, IT teams, and other stakeholders to gather requirements and provide support

• Conduct training sessions and workshops to educate stakeholders on using the Splunk SOAR platform and playbooks

• Communicate findings, recommendations, and status updates clearly to both technical and non-technical audiences

• Continuous Improvement:

• Stay updated on the latest trends and advancements in cybersecurity and automation technologies

• Propose and implement enhancements to existing security operations and Splunk SOAR configurations

• Participate in professional development and training opportunities

What we're looking for

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field

• Security certification (Security+, CISSP)

• Secret level clearance required. TS/SCI preferred.

• Platform certification (Linux+, RHCE, PCNSA, PCNSE)

• Proven experience with Splunk SOAR (formerly Phantom) or similar security orchestration, automation, and response (SOAR) platforms

• Strong background in developing and maintaining automation playbooks and scripts

• In-depth knowledge of cybersecurity principles, incident response, and security operations

• Experience with various security tools and technologies (e.g., SIEM, EDR, threat intelligence platforms)

• Excellent problem-solving skills and attention to detail

• Strong communication and interpersonal skills

• Relevant certifications (e.g., Splunk Certified Architect, Certified Information Systems Security Professional) are a plus

• Experience with other SOAR platforms and automation tools

• Knowledge of programming and scripting languages (e.g., Python, JavaScript)

• Familiarity with cloud security and hybrid environments

• #CJ

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities. For additional details on how Optiv + ClearShark uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.