Job Search and Career Advice Platform

Splunk Platform Architect

Bebeeorchestration

São Paulo

On-site

BRL 120.000 - 160.000

Full-time

Today

Job summary

A leading tech company in São Paulo is seeking a Senior Splunk Orchestration Specialist to lead the design and implementation of advanced SOAR solutions. The role involves collaborating with SOC teams, developing industry standards for automation, and creating custom playbooks for various threats. Candidates should have experience in security orchestration and a strong understanding of Splunk technologies. This position offers the opportunity to enhance threat response strategies and drive innovation in security automation.

Responsibilities

  • Lead the design and implementation of advanced SOAR solutions.
  • Collaborate with SOC teams to align SOAR capabilities with threat response.
  • Develop and optimize custom SOAR playbooks for various threats.

Job description

Senior Splunk Orchestration Specialist

This is a unique opportunity to lead the design, development and implementation of advanced Security Orchestration, Automation and Response (SOAR) solutions using Splunk SOAR (Phantom) and Splunk Enterprise Security (ES).

About the Role
  • Architecture & Automation Enablement: Design, build, and deploy advanced SOAR platforms with a focus on process automation.
  • Develop and maintain industry‑leading standards, guidelines, and frameworks for automation and orchestration workflows.
  • Collaborate with enterprise SOC teams to align SOAR platform capabilities with threat response strategy.
  • Splunk Assessment: Conduct comprehensive Splunk SOAR assessments to evaluate current‑state maturity, integrations, and gaps; provide recommendations for improvements in log ingestion, correlation, automation, and use case coverage. Work closely with Splunk engineers to enhance SOC visibility and response automation.
  • Custom Playbook Development: Design, build, and optimize custom SOAR playbooks for threat enrichment, triage, phishing, malware, insider threat, and compliance workflows. Ensure playbooks follow industry best practices and are resilient, scalable, and maintainable. Continuously update and refine playbooks to keep pace with evolving threats.
  • Automation Strategy & Governance: Develop and implement an automation strategy that ensures seamless integration with SIEM (Splunk Enterprise Security) and third‑party tools. Maintain accurate documentation of architecture, integrations, and playbook workflows. Oversee life‑cycle management, scalability, and compliance for SOAR implementations.