Full Time/ Splunk SOAR developer/ Columbus, OH (Remote)

Diverse Lynx

Columbus (OH)

Remote

USD 90,000 - 130,000

Full time

2 days ago

Job summary

A prominent company seeks a Splunk SOAR Developer to design and optimize automated workflows, integrating enterprise applications and enhancing security capabilities. The candidate will collaborate with various teams, ensuring effective incident handling and platform management while training staff on SOAR tools. This full-time position allows for remote work flexibility and is essential for improving operational efficiency.

Qualifications

  • 6+ years of experience in Splunk app & add-on development.
  • Proficiency with security and compliance applications.
  • Experience collaborating with SOC staff and stakeholders.

Responsibilities

  • Design and develop playbooks using Splunk SOAR and Python.
  • Maintain and administer the Splunk Phantom platform.
  • Train SOC staff on SOAR usage and capabilities.

Skills

Splunk Phantom (SOAR)
Python development
Web development (JavaScript, CSS)
Splunk data modelling
REST API
Git for version control

Job description

Splunk SOAR Developer

Location: Columbus, OH (Remote)

Employment Type: Full Time

Key Skills
  • Splunk Phantom (SOAR)
  • Proficiency in Python development
  • Splunk SimpleXML or web development (JavaScript, CSS)
  • Splunk app & add-on development
  • Splunk data modelling
  • Splunk Enterprise / Splunk Cloud
  • Python, REST API
  • Experience with Jira, ServiceNow, Palo Alto, CrowdStrike, VirusTotal, MISP, etc.
  • Git for version control of playbooks/scripts

Roles & Responsibilities

Playbook Development
  • Design, develop, test, and deploy playbooks using the Splunk SOAR visual editor or Python.
  • Translate incident response procedures into automated workflows.
  • Optimize and refine existing playbooks for performance and efficiency.
Integration & App Development
  • Design and develop Splunk applications, drawing on 6+ years of experience.
  • Create advanced Splunk analytics and custom applications.
  • Integrate Splunk data with enterprise applications and systems.
  • Translate business feedback into technical requirements.
  • Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, and content using Python, Splunk SPL, SimpleXML, JavaScript, and CSS.
  • Create custom Splunk applications and Add-Ons for access events based on use case criteria.
  • Develop and configure integrations with third-party security tools like EDR, firewalls, threat platforms, and ticketing systems.
  • Build or modify apps using REST APIs and Python to enhance SOAR capabilities.
Automation Strategy & Implementation
  • Identify automation use cases with stakeholders.
  • Lead end-to-end implementation of SOAR use cases from design to production.
Security Incident Handling
  • Assist in real-time incident response using SOAR for alert correlation, triage, and response.
  • Create response templates and automated incident reports.
Platform Management
  • Maintain and administer the Splunk Phantom platform, including upgrades, performance tuning, and health checks.
  • Monitor logs and troubleshoot connectivity, app, or workflow issues.
Documentation & Reporting
  • Document playbooks, scripts, and integrations.
  • Generate reports on SOAR activity, performance, and automation ROI.
Collaboration & Training
  • Train SOC staff and stakeholders on SOAR usage and capabilities.
  • Collaborate with Splunk SIEM and threat intelligence teams for cohesive operations.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration without discrimination. We evaluate applicants solely on their ability, competence, and proven capability to perform the outlined functions. We promote and support a diverse workforce at all levels.