Job Description

Splunk engineer (Security) and SOAR automation (Cortex)
10+ years of experience

100% Remote ROle

Advanced Cyber Security Engineer
Operational role on Splunk & XSOAR (our Soar platform). Should have significant experience with development.

Key Responsibilities

Will work closely on Palo Alto XSOAR platform to customize it as needed
Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs
Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities
Deploy and evaluate external proof-of-concept tools

Help with automation of various SOC related manual tasks.

Must Have

Min. 2 years of experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR
Min. 5 years of development experience with Python and web frameworks (Django, Flask)
Experience with log management and/or SIEM technologies such as Splunk

Value
Web development frontend skills: JavaScript, jQuery, HTML/CSS
Experience in creating and reusing Restful APIs to improve integration between existing and new security systems
SQL database or any other DBs
Good communication skills
Highly motivated individual with the ability to self-start, prioritize, and multi-task
Interest in cyber security, willingness to follow security best practices
Ability to understand code written in other scripting languages
Knowledge of incident response (SecOps)
Eagerness to look for and evaluate available open-source incident response/threat intelligence tools
Strong focus on writing high quality technical documentation
Good knowledge of Linux, git, nginx

Job Tags

Similar Jobs