A Splunk SOAR Engineer is an individual who can operate independently and will be entrusted with delivering success for Optiv + ClearShark’s customers to achieve predetermined goals aligned with a statement of work. To be successful in this role, a Level I/III Engineer will be expected to specialize in a capability aligned with Optiv + ClearShark’s service practices while also contemplating which future opportunities they would like to explore. Excellent communication skills are essential for this role, as these individuals will interact with clients regularly.
How you'll make an impact
-
Spend 5% of their time focusing on developing corporate strategy, assisting with brand identity, and support operations.
-
Spend 5% of their time focusing on training and fine-tuning skills.
-
Spend 10% of their time managing the day-to-day operations of their team members and their respective career development efforts.
-
Spend 80% of their time on engagement delivery.
Engagement Management
-
Execute all tasks outlined in the scope of work and follow standard operating procedures with no direct oversight.
-
Provide assistance for detailed view of notable events, workbook for open investigations, and risk analysis scoring system.
-
Assist and recommend actions in security operations center tier I and tier II incident response incidents.
-
Automate issue resolution and compliance reporting to lower time on detection, time on mitigation for security organizations.
-
Integrate Splunk Mission Control, Splunk Security Orchestration, Automation Response (SOAR), and/or other customer approved security product applications utilizing Enterprise Security.
-
Utilize data thresholds, trend-based conditions and behavioral pattern recognition.
Client Engagement
-
Develop and maintain strong relationships with clients to ensure satisfaction.
-
Adhere to availability standards for responding to client inquiries.
-
Lead the communication of technical concepts effectively to clients.
-
Identify and communicate cross-sell and up-sell opportunities with the account team across services.
What we're looking for
-
Active TS/SCI clearance with FSP required.
-
Proven experience with Splunk SOAR (formerly Phantom) or similar security orchestration, automation, and response (SOAR) platforms.
-
Strong background in developing and maintaining automation playbooks and scripts.
-
Security Certification (i.e, Security+, CISSP, etc) required.
-
Experience operating in classified environments.
-
Bachelor’s degree in a related area or at least 8 years of related work experience.
-
Robust understanding of identity, SIEM, cybersecurity, and infrastructure concepts.
-
Strong Linux and scripting (Python, Ansible, Teraform, JSON, others.) experience.
-
Ability to troubleshoot Splunk instances.
-
Create custom Splunk reports, dashboards, and content per customer requirements.
-
Strong understanding of governance and compliance, specifically with FAR, DFARs, CUI and CMMC.
-
Broad understanding of FedRAMP and IL constructs.
-
Strong understanding of leadership concepts and ideas.
-
Strong interpersonal skills and ability to work collaboratively in a team.
-
Experience leading an engineering team, preferably having handled tasking, resolving personnel issues, and providing actionable feedback.
-
Ability to clearly communicate complex messages to a variety of audiences.
-
Excellent problem-solving skills with a keen attention to detail.
-
Willingness to travel to meet client needs.
-
#LI-NA1
-
#CJ
What you can expect from Optiv
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)
EEO Statement
Optiv + ClearShark is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.
Optiv + ClearShark respects your privacy. By providing your information through this page or applying for a job at Optiv + ClearShark, you acknowledge that Optiv + ClearShark will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv + ClearShark’s selection and recruitment activities. For additional details on how Optiv + ClearShark uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.
Top Skills
What We Do
Optiv is a security solutions integrator – “one-stop” trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, security operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment.