Splunk SOAR Engineer

2 days ago


Greendale WI United States Optiv Full time
Splunk SOAR Engineer - TS/SCI with FS Poly | McLean, VA

Optiv manages cyber risk so you can secure your full potential. Cybersecurity advisory services and solutions. Powered by the best minds in cyber.

A Splunk SOAR Engineer is an individual who can operate independently and will be entrusted with delivering success for Optiv + ClearShark’s customers to achieve predetermined goals aligned with a statement of work. To be successful in this role, a Level I/III Engineer will be expected to specialize in a capability aligned with Optiv + ClearShark’s service practices while also contemplating which future opportunities they would like to explore. Excellent communication skills are essential for this role, as these individuals will interact with clients regularly.

How you'll make an impact
  1. Spend 5% of their time focusing on developing corporate strategy, assisting with brand identity, and supporting operations.
  2. Spend 5% of their time focusing on training and fine-tuning skills.
  3. Spend 10% of their time managing the day-to-day operations of their team members and their respective career development efforts.
  4. Spend 80% of their time on engagement delivery.
Engagement Management
  1. Execute all tasks outlined in the scope of work and follow standard operating procedures with no direct oversight.
  2. Provide assistance with the detailed view of notable events, the workbook for open investigations, and the risk analysis scoring system.
  3. Assist with and recommend actions for security operations center tier I and tier II incident response incidents.
  4. Automate issue resolution and compliance reporting to lower time on detection and time on mitigation for security organizations.
  5. Integrate Splunk Mission Control, Splunk Security Orchestration, Automation, and Response (SOAR), and/or other customer-approved security product applications utilizing Enterprise Security.
  6. Utilize data thresholds, trend-based conditions and behavioral pattern recognition.
Client Engagement
  1. Develop and maintain strong relationships with clients to ensure satisfaction.
  2. Adhere to availability standards for responding to client inquiries.
  3. Lead the communication of technical concepts effectively to clients.
  4. Identify and communicate cross-sell and up-sell opportunities with the account team across services.
What we're looking for
  1. Active TS/SCI clearance with FSP required.
  2. Proven experience with Splunk SOAR (formerly Phantom) or similar security orchestration, automation, and response (SOAR) platforms.
  3. Strong background in developing and maintaining automation playbooks and scripts.
  4. Security certification (e.g., Security+, CISSP) required.
  5. Experience operating in classified environments.
  6. Bachelor’s degree in a related area or at least 8 years of related work experience.
  7. Robust understanding of identity, SIEM, cybersecurity, and infrastructure concepts.
  8. Strong Linux and scripting (Python, Ansible, Terraform, JSON, others) experience.
  9. Ability to troubleshoot Splunk instances.
  10. Ability to create custom Splunk reports, dashboards, and content per customer requirements.
  11. Strong understanding of governance and compliance, specifically with FAR, DFARS, CUI and CMMC.
  12. Broad understanding of FedRAMP and IL constructs.
  13. Strong understanding of leadership concepts and ideas.
  14. Strong interpersonal skills and ability to work collaboratively in a team.
  15. Experience leading an engineering team, preferably having handled tasking, resolving personnel issues, and providing actionable feedback.
  16. Ability to clearly communicate complex messages to a variety of audiences.
  17. Excellent problem-solving skills with a keen attention to detail.
  18. Willingness to travel to meet client needs.
Additional Information
  • Creative problem-solving and the ability to tackle unique, complex projects.
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable).
EEO Statement

Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities.
