Cyber Security Automation Phantom/Splunk SOAR Engineer
Location: McLean, VA
Position Description: TechGuard Security LLC is looking for a Cyber Security Automation Phantom/Splunk SOAR Engineer to design, implement, integrate Security Orchestration Automation and Response (SOAR) solutions for our government clients. Support network access capability, develop playbooks, facilitate tools automation, and support other cyber security activities. Apply leading-edge principles, theories, and concepts; contribute to the development of new principles and concepts. Work to resolve business complex problems and provides highly innovative solutions.
- 3+ years of experience with Cyber Security technologies, protocols, applications
- 3+ years of experience in tool integrations, REST APIs/SOAP APIs
- 2+ years of experience with Splunk and performing systems administration, including performing installation, configuration, monitoring system performance and availability, upgrades, and troubleshooting
- 1+ years of experience in Phantom / Splunk SOAR, including writing playbook, troubleshooting, training, or supporting technical requests.
- Experience with one or more of the following Cybersecurity tools: FireEye, BigFix, Tanium, ForeScout, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Splunk, or ServiceNow
- Experience in Security Operations, SOC, SIEM, Incident Response, and Threat Intelligence
- Experience in Linux administration
- Bachelor’s degree and 4+ years of experience with IT in a professional work environment or 8+ years of experience with IT in a professional work environment in lieu of a degree
- Ability to provide knowledge transfer and training to clients and co-workers
- Ability to obtain a security clearance
- 3+ years of experience with Cyber Security technologies, protocols, applications (to include. EDR, SIEM, Firewalls, AV, and IDS/IPS)
- 3+ years of experience in programming languages to include Python.
- 2+ years of experience in Splunk>Phantom, including writing playbooks, troubleshooting, training, or supporting technical requests
- Experience in log management platforms experience (Splunk, Elasticsearch/Logstash/Kibana – ELK/ Elastic Stack)
- Experience in Networks and Network Protocols (TCP/UDP, DNS, HTTP/HTTPS, SSH, FTP, etc.)
- Certifications in Security+, CEH, CISSP
Clearance Requirements: Ability to obtain a security clearance.
Email resumes to: [email protected]