Splunk Engineer

Security (Splunk) Engineer

Remote

Long term contract (W2 only)

Description

· Operational role on Splunk & XSOAR (our Soar platform).

· Should have significant experience with development.

Key Responsibilities

· Will work closely on Palo Alto XSOAR platform to customize it as needed.

· Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs.

· Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities.

· Deploy and evaluate external proof-of-concept tools.

· Help with automation of various SOC related manual tasks.

Must Have

· Experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR

· Development experience with Python and web frameworks (Django, Flask)

· Experience with log management and/or SIEM technologies such as Splunk

Value

· Web development frontend skills: JavaScript, jQuery, HTML/CSS

· Experience in creating and reusing Restful APIs to improve integration between existing and new security systems

· SQL database or any other DBs

· Good communication skills

· Highly motivated individual with the ability to self-start, prioritize, and multi-task

· Interest in cyber security, willingness to follow security best practices

· Ability to understand code written in other scripting languages

· Knowledge of incident response (SecOps)

· Eagerness to look for and evaluate available open-source incident response/threat intelligence tools

· Strong focus on writing high quality technical documentation

· Good knowledge of Linux, git, nginx.

This is a remote position.