Phoenix Cyber is looking for security focused Python programmers to help develop custom plugins and 3rd party integrations for a commercial-off-the-shelf cybersecurity software product. The work involves designing, developing, and implementing data models, index structures, and storage strategies; ingesting/indexing processes and transforming/normalizing data to common standards using log aggregation tools (e.g., Elasticsearch and Splunk); enriching data upon ingest and querying; and creating queries against big data.
This is a 100% remote, work-from-home position anywhere in the continental United States.
Requirements:
- Minimum 5 years of strong Python programming experience
- Experience in authoring and developing Python libraries
- Experience using REST and SOAP APIs to query and update data across multiple third-party applications
- Experience with Git, CI/CD and other development tools
- Experience with cloud infrastructure and networking in AWS and/or Azure
- Degree in a STEM related discipline and/or a minimum 5 years of cybersecurity experience
Nice to have:
- Experience with SOAR tools, Swimlane, Cyber Triage, Phantom
- Experience with the ELK (Elasticsearch, Logstash, Kibana) stack, Elastic Cloud on Kubernetes (ECK), Kafka, Beats, and/or Splunk
- Experience modeling with databases (relational/non-relational), especially MongoDB
- Configuration management experience with Ansible/Terraform/Chef/Puppet
- Experience with container services (Docker, Kubernetes, etc.)
- Linux administration experience
- Active (ISC)2 CISSP certification
Phoenix Cyber is a national provider of cybersecurity engineering services, operations services, sustainment services and managed security services to organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations team.
Phoenix Cyber is an equal opportunity employer and complies with Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act (VEVRAA), all amendments to these regulations, and applicable executive orders, federal, and state regulations. Applicants are considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, and/or veteran status.
Phoenix Cyber participates in E-Verify to confirm the employment eligibility of all newly-hired employees. To learn more about E-Verify, including your rights and responsibilities, go to https://www.e-verify.gov/
Skills Required
- Minimum 5 years of strong Python programming experience
- Experience authoring and developing Python libraries
- Experience using REST and SOAP APIs to query and update data across third-party applications
- Experience with Git, CI/CD and other development tools
- Experience with cloud infrastructure and networking in AWS and/or Azure
- Degree in a STEM discipline and/or minimum 5 years of cybersecurity experience
- Experience with SOAR tools (Swimlane, Cyber Triage, Phantom)
- Experience with the ELK stack, Elastic Cloud on Kubernetes (ECK), Kafka, Beats, and/or Splunk
- Experience modeling with relational and non-relational databases, especially MongoDB
- Configuration management experience with Ansible, Terraform, Chef, or Puppet
- Experience with container services (Docker, Kubernetes)
- Linux administration experience
- Active (ISC)2 CISSP certification
What We Do
Phoenix Cyber is a U.S.-based cybersecurity services firm supporting federal agencies and enterprise organizations. Our team delivers high-assurance security expertise grounded in practical engineering, mission understanding, and decades of hands-on experience across complex environments. We focus on solutions that reduce operational friction, improve program maturity, and enable security to drive—not slow—organizational outcomes. We evaluate each customer’s current security landscape, operational processes, and future roadmap to design solutions that fit the way your organization actually runs. Our approach challenges traditional audit-heavy methodologies, replacing them with targeted, measurable improvements that increase return on investment and strengthen overall resilience. Phoenix Cyber provides a broad set of security services that help organizations prevent, detect, and respond to threats: -Incident Response & Digital Forensics -Security Automation & Playbook Development -Data Protection & Zero Trust Advisory -Threat Hunting & Proactive Detection -Cloud Security Architecture & Engineering -Security Program Development & Strategic Advisory Whether you need to satisfy regulatory requirements, streamline SOC operations, or shift toward a more proactive defense model, we help you build a security posture that is strong, scalable, and aligned to mission goals.
Why Work With Us
Customers choose Phoenix Cyber for our deep technical expertise, a practical engineering mindset, and an approach tailored to complex, highly regulated environments. We deliver cybersecurity outcomes that are efficient, scalable, and aligned to both operational realities and long-term strategy.
Gallery
