My client is recruiting for a talented SOAR engineer who will join the newly formed Security Orchestration, Automation and Response Engineering team. You will be the second hire for this team responsible for developing automation tools/correlations to detect, resolve and mitigate cyber security threat vectors on the Splunk platform.
Skills Required:
- Industry experience with Splunk/Splunk Phantom would be a plus
- Experience with security automation and a solid understanding of incident response
- Understanding of security frameworks including MITRE ATT&CK
- Leveraging home-grown code to automate parts of Incident Response
- Developing a POC with the Phantom automation framework
- Developing Incident Response workflows to be implemented and automated
- Developing interconnected Splunk Dashboards for Incident Response investigation