Greetings,
We have the below requirement with our client. Kindly go through the JD below and let me know your interest.
Splunk Phantom (SOAR) with Python development_
Location: Columbus , OH
Duration: 6 months
Total Exp: 8-10 Years
Key Responsibilities:
Playbook Development:
o Design, develop, test, and deploy playbooks using the Splunk SOAR visual editor or Python.
Translate incident response procedures into automated workflows.
Optimize and refine existing playbooks for performance and efficiency.
Integration & App Development:
6+ years of hands-on experience with designing/development of Splunk applications.
Advanced Splunk analytics and the development of custom Splunk application so Splunk data integrations with business-critical enterprise applications and systems.
Translating feedback from the business to Splunk technical requirement and solutions.
Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards.
content using Python, Splunk SPL, Splunk Simple XML (OR JavaScript, CSS), Bash.
Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
Develop and configure integrations with third-party security tools (EDR, firewalls, threat intel platforms, ticketing systems, etc.).
Build custom apps or modify existing ones using REST APIs and Python to enhance SOAR capability.
Automation Strategy & Implementation:
Work with stakeholders to identify use cases for automation.
Lead end-to-end implementation of SOAR use cases from design to production.
Security Incident Handling:
Assist in real-time incident response by using SOAR to correlate, triage, and respond to alerts.
Create response templates and automated reports for incidents.
Platform Management:
Maintain and administer the Splunk Phantom platform, including upgrades, performance tuning, and health checks.
Monitor system logs and troubleshoot issues related to connectivity, app execution, or workflow failure.
Documentation & Reporting:
Document playbooks, scripts, and integrations.
Generate reports on SOAR activity, performance metrics, and automation ROI.
Collaboration & Training:
Train SOC staff and other stakeholders on SOAR usage and capabilities.
Collaborate with Splunk SIEM and threat intelligence teams for cohesive operations.
Key Skills-
Splunk Phantom (SOAR)o Python development.
Proficiency in Python programming language.
Splunk Simple XML or web development (JavaScript, CSS).
Splunk app & add-on development
Splunk data modelling. Splunk Enterprise / Splunk Cloud. Python, REST API.
Jira, ServiceNow, Palo Alto, CrowdStrike, Virus Total, MISP, etc.
Git (for version control of playbooks/scripts
"Tekgence is an equal opportunity employer. Applicants must be authorized to work in the U.S. U.S. citizens and Green Card holders are strongly encouraged to apply."
Thanks & Best Regards
Bhargavi Jaltar| Talent Acquisition Lead| Tekgence Inc.
Office : bhargavi@tekgence.com
You received this message because you are subscribed to the Google Groups "daily-requirements" group.
To unsubscribe from this group and stop receiving emails from it, send an email to technical-requirements1+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/technical-requirements1/CAG2fFP8RgjzbBMXGCJ%3D3ZwcYzjANk0doRzr1HkP3OZAuuYRRZQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment
Thanks
Gigagiglet
gigagiglet.blogspot.com