SOAR Engineer with Security Clearance
Solutions By Design is seeking a SOAR Engineer to join our growing team in support of a large Security Operations program with our Federal client located in Leesburg, VA.
Using the Splunk SOAR platform, you will be responsible for automation playbooks, from requirements gathering and planning to design, testing, implementation, and maintenance.
This position is hybrid, with an onsite requirement of 3 days/week.
Responsibilities Include:
Provide SIEM engineering efforts and provide direct support to SOC operations.
Serve as the lead for all Security Orchestration, Automation, Response (SOAR) activities within the SOC.
Work with stakeholders directly to build, design, deliver, re-write, and maintain efficient, reusable, and reliable security automations using Splunk SOAR.
Review API documentation and connect third-party services to the SOAR platform.
Create detailed technical documentation pertaining to your automations.
Collaborate with other internal teams as part of setting up SOAR integrations.
Follow all change management processes and requirements as part of setting up SOAR integrations.
Demonstrate SOAR capabilities via Splunk and ticketing system.
Demonstrate SOAR capabilities via Splunk and remediation activities.
Demonstrate areas where the application of SOAR will provide immediate return on investment.
Implement solutions to enable or improve SOAR capabilities.
Ensure availability of SIEM and provide administrative oversight of the tool.
Responsible for the implementation, operations, maintenance, and lifecycle management Splunk.
Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve tool usage and governance.
Coordinate with stakeholders to build and maintain positive working relationships.
Keeps up to date on current technologies.
Ensures daily, monthly, and quarterly compliance requirements are met individually and by professional level staff within the timelines provided by Operations executive leadership.
Performs other related duties as assigned.
Required Experience and
Qualifications:
Must be a United States (US) Citizen with a current DoD Secret Clearance.
Must be able to pass a comprehensive background check.
Minimum seven (7) years IT experience.
At least two (2) years of experience in the role of SIEM/SOAR Content Development.
Bachelor's Degree required.
Equivalent years of experience in a related field may be substituted for the degree.
Must reside within a commutable distance to our customer's location in Leesburg, VA in order to work onsite 3 days/week.
Hands-on experience using Splunk for both searching/data analysis and for passing data to SOAR.
Strong programming skills in Python.
Proficiency with Git.
Experience working with REST and other third-party API integrations.
Cloud experience (AWS, Azure, etc.
).
Strong understanding of IT security concepts and practices, as well as Blue Team processes and workflows.
Must have an impeccable work ethic, the ability to make sound decisions, and a commitment to integrity and accountability.
Proficient with Microsoft Office Suite; specifically, Excel, Word, and Outlook a must.
Excellent verbal and written communication skills.
Excellent interpersonal, negotiation, and conflict resolution skills.
Excellent organizational skills and attention to detail.
Strong analytical, critical thinking, and problem-solving skills.
Strong supervisory and leadership skills.
Ability to function well in a high-paced and at times stressful environment.
Ability to prioritize tasks and to delegate them when appropriate.
Hands-on experience with Adobe Pro a must.
Recommended Skills Administration Adobe Amazon Web Services Analytical Attention To Detail Change Management Estimated Salary: $20 to $28 per hour based on qualifications.
Using the Splunk SOAR platform, you will be responsible for automation playbooks, from requirements gathering and planning to design, testing, implementation, and maintenance.
This position is hybrid, with an onsite requirement of 3 days/week.
Responsibilities Include:
Provide SIEM engineering efforts and provide direct support to SOC operations.
Serve as the lead for all Security Orchestration, Automation, Response (SOAR) activities within the SOC.
Work with stakeholders directly to build, design, deliver, re-write, and maintain efficient, reusable, and reliable security automations using Splunk SOAR.
Review API documentation and connect third-party services to the SOAR platform.
Create detailed technical documentation pertaining to your automations.
Collaborate with other internal teams as part of setting up SOAR integrations.
Follow all change management processes and requirements as part of setting up SOAR integrations.
Demonstrate SOAR capabilities via Splunk and ticketing system.
Demonstrate SOAR capabilities via Splunk and remediation activities.
Demonstrate areas where the application of SOAR will provide immediate return on investment.
Implement solutions to enable or improve SOAR capabilities.
Ensure availability of SIEM and provide administrative oversight of the tool.
Responsible for the implementation, operations, maintenance, and lifecycle management Splunk.
Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve tool usage and governance.
Coordinate with stakeholders to build and maintain positive working relationships.
Keeps up to date on current technologies.
Ensures daily, monthly, and quarterly compliance requirements are met individually and by professional level staff within the timelines provided by Operations executive leadership.
Performs other related duties as assigned.
Required Experience and
Qualifications:
Must be a United States (US) Citizen with a current DoD Secret Clearance.
Must be able to pass a comprehensive background check.
Minimum seven (7) years IT experience.
At least two (2) years of experience in the role of SIEM/SOAR Content Development.
Bachelor's Degree required.
Equivalent years of experience in a related field may be substituted for the degree.
Must reside within a commutable distance to our customer's location in Leesburg, VA in order to work onsite 3 days/week.
Hands-on experience using Splunk for both searching/data analysis and for passing data to SOAR.
Strong programming skills in Python.
Proficiency with Git.
Experience working with REST and other third-party API integrations.
Cloud experience (AWS, Azure, etc.
).
Strong understanding of IT security concepts and practices, as well as Blue Team processes and workflows.
Must have an impeccable work ethic, the ability to make sound decisions, and a commitment to integrity and accountability.
Proficient with Microsoft Office Suite; specifically, Excel, Word, and Outlook a must.
Excellent verbal and written communication skills.
Excellent interpersonal, negotiation, and conflict resolution skills.
Excellent organizational skills and attention to detail.
Strong analytical, critical thinking, and problem-solving skills.
Strong supervisory and leadership skills.
Ability to function well in a high-paced and at times stressful environment.
Ability to prioritize tasks and to delegate them when appropriate.
Hands-on experience with Adobe Pro a must.
Recommended Skills Administration Adobe Amazon Web Services Analytical Attention To Detail Change Management Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
