
Fwd: Splunk Phantom (SOAR) with Python development_ Columbus , OH

Greetings,

We have the below requirement with our client. Kindly go through the JD below and let me know your interest.

 

Splunk Phantom (SOAR) with Python development

Location: Columbus, OH

Duration: 6 months

 

Total Exp: 8-10 Years

 

Key Responsibilities:

Playbook Development:

Design, develop, test, and deploy playbooks using the Splunk SOAR visual editor or Python.

Translate incident response procedures into automated workflows.

Optimize and refine existing playbooks for performance and efficiency.

 

Integration & App Development:

6+ years of hands-on experience with designing/development of Splunk applications.

Advanced Splunk analytics and the development of custom Splunk application so Splunk data integrations with business-critical enterprise applications and systems.

Translating feedback from the business to Splunk technical requirements and solutions.

Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, content using Python, Splunk SPL, Splunk Simple XML (or JavaScript, CSS), Bash.

Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.

Develop and configure integrations with third-party security tools (EDR, firewalls, threat intel platforms, ticketing systems, etc.).

Build custom apps or modify existing ones using REST APIs and Python to enhance SOAR capability.

 

Automation Strategy & Implementation:

Work with stakeholders to identify use cases for automation.

Lead end-to-end implementation of SOAR use cases from design to production.

 

Security Incident Handling:

Assist in real-time incident response by using SOAR to correlate, triage, and respond to alerts.

Create response templates and automated reports for incidents.

 

Platform Management:

Maintain and administer the Splunk Phantom platform, including upgrades, performance tuning, and health checks.

Monitor system logs and troubleshoot issues related to connectivity, app execution, or workflow failure.

 

Documentation & Reporting:

Document playbooks, scripts, and integrations.

Generate reports on SOAR activity, performance metrics, and automation ROI.

 

Collaboration & Training:

Train SOC staff and other stakeholders on SOAR usage and capabilities.

Collaborate with Splunk SIEM and threat intelligence teams for cohesive operations.

 

Key Skills:

Splunk Phantom (SOAR)

Python development.

Proficiency in Python programming language.

Splunk Simple XML or web development (JavaScript, CSS).

Splunk app & add-on development

Splunk data modelling. Splunk Enterprise / Splunk Cloud. Python, REST API.

Jira, ServiceNow, Palo Alto, CrowdStrike, VirusTotal, MISP, etc.

Git (for version control of playbooks/scripts)

 

 

"Tekgence is an equal opportunity employer. Applicants must be authorized to work in the U.S. U.S. citizens and Green Card holders are strongly encouraged to apply."

 

Thanks & Best Regards

Bhargavi Jaltar| Talent Acquisition Lead| Tekgence Inc.

Office : bhargavi@tekgence.com

 
