Job Information
System One Splunk Security Engineer - SOAR in Washington, District Of Columbia
ALTA IT Services has a contract to hire opportunity for a Splunk Security Engineer – SOAR to support a leading health insurance client.
Splunk Security Engineer - SOAR
Washington, DC (Mostly Remote, Hybrid as Needed)
Contract to Hire
Pay: $70-75/hr W2 Range
COVID Vaccination Required
PURPOSE:
Develops and implements security solutions. Administers security technology systems by architecting and engineering/developing trusted systems into secure systems. Assists in the development of implementation and deployment plans that are aligned to the organizational strategic plan objectives and security requirements. Advises management in developing cybersecurity policies, processes, and procedures.
This position will support the SBP CSOC Engineering team to enhance our security tool integrations, automations, scripts, and playbook content for the SOAR platform. You'll be instrumental in maintaining and enhancing the security posture of vital systems.
We are looking for a technical engineer to help maintain and support the Splunk and xSOAR (Palo Alto Cortex) systems. Need someone with a demonstrated experience with Splunk and SOAR tool suites that is resourceful in learning a very complex and dynamically changing network. Must be a self-starter, able to work independently, and able to manage time effectively.
This position a remote position but may require coming to office as needed.
Your Role Responsibilities...
Manage the Splunk and SOAR platform to included troubleshooting, patching and upgrades.
Lead security automation playbook development from requirements collection to implementation.
Write, test, and maintain automation scripts/workflows within SOAR platform.
Design, implement, standardize, and maintain efficient and reusable Python.
Translate conceptual CSOC\IR requirements into technical data and integration requirements for the SOAR platform.
Deliver API solutions that streamline, simplify, and improve efficiencies for the Cybersecurity teams as well as other enterprise Business Units.
ESSENTIAL FUNCTIONS:
20% Assists with day-to-day support of security solutions.
20% Assists with engineering support and system administration of specialized cybersecurity solutions.
15% Solves complex problems and answers routine questions about the installation, operation, configuration, and customization of cybersecurity software.
15% Identifies potential conflicts with the implementation of any cybersecurity solutions.
10% Answers routine questions about the installation, operation, configuration, and customization of cybersecurity solutions.
10% Reviews and analyzes appropriate cybersecurity solution system logs for performance and functional anomalies.
10% Works with system design architects and project managers to provide security requirements.
Qualifications
Education Level: Bachelor's Degree
Education Details: Computer Science, Information Technology, or related field
Experience: 5 years professional experience cybersecurity, NOC/SOC environments, and IT Services environment, providing incident response.
In Lieu of Education
In lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Preferred Qualifications
Minimal Qualifications & Experience.
Demonstrated experience with Splunk and SOAR tool suites, with an emphasis on Palo Alto Cortex xSOAR.
Strong understanding of SOAR playbook development and logic flows.
Strong understanding of CSOC workflows.
Ability to communicate effectively with all levels of an organization from engineering, operations, and management.
Strong Python, and PowerShell experience.
Experience working in or with security functions such as SOC, CIRT, security engineering, risk management, and vulnerability management.
Ability to multi-task and prioritize work effectively.
A track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Demonstrated exceptional written and verbal communication skills.
Excellent interpersonal skills and the ability to work effectively with people in a wide range of levels.
Demonstrated experience endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.
Bonus
Experience with SPLUNK ES.
RegEx experience.
Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
Experience deploying and correlating threat intelligence and vulnerability management solutions.
Good understanding of Agile methodology
Windows/Linux experience
Licenses/Certifications
CISSP Certified Information Systems Security Professional Upon Hire Req or
CISM - Certified Information Security Manager Upon Hire Req or
Certified Ethical Hacker (CEH) Upon Hire Req or
Certified Information Systems Auditor (CISA) Upon Hire Req
#M2
System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
System One
-
- System One Jobs
