Greetings,
We have the below requirement with our client. Kindly go through the JD below and let me know your interest.
Splunk Phantom (SOAR) with Python development
Location: Columbus, OH
Duration: 6 months
Total Exp: 8-10 Years
Key Responsibilities:
Playbook Development:
Design, develop, test, and deploy playbooks using the Splunk SOAR visual editor or Python.
Translate incident response procedures into automated workflows.
Optimize and refine existing playbooks for performance and efficiency.
Integration & App Development:
6+ years of hands-on experience with designing/development of Splunk applications.
Advanced Splunk analytics and the development of custom Splunk application so Splunk data integrations with business-critical enterprise applications and systems.
Translating feedback from the business to Splunk technical requirements and solutions.
Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, and content using Python, Splunk SPL, Splunk Simple XML (or JavaScript, CSS), Bash.
Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
Develop and configure integrations with third-party security tools (EDR, firewalls, threat intel platforms, ticketing systems, etc.).
Build custom apps or modify existing ones using REST APIs and Python to enhance SOAR capability.
Automation Strategy & Implementation:
Work with stakeholders to identify use cases for automation.
Lead end-to-end implementation of SOAR use cases from design to production.
Security Incident Handling:
Assist in real-time incident response by using SOAR to correlate, triage, and respond to alerts.
Create response templates and automated reports for incidents.
Platform Management:
Maintain and administer the Splunk Phantom platform, including upgrades, performance tuning, and health checks.
Monitor system logs and troubleshoot issues related to connectivity, app execution, or workflow failure.
Documentation & Reporting:
Document playbooks, scripts, and integrations.
Generate reports on SOAR activity, performance metrics, and automation ROI.
Collaboration & Training:
Train SOC staff and other stakeholders on SOAR usage and capabilities.
Collaborate with Splunk SIEM and threat intelligence teams for cohesive operations.
Key Skills:
Splunk Phantom (SOAR)
Python development.
Proficiency in Python programming language.
Splunk Simple XML or web development (JavaScript, CSS).
Splunk app & add-on development
Splunk data modelling. Splunk Enterprise / Splunk Cloud. Python, REST API.
Jira, ServiceNow, Palo Alto, CrowdStrike, VirusTotal, MISP, etc.
Git (for version control of playbooks/scripts)
“Tekgence is an equal opportunity employer. Applicants must be authorized to work in the U.S. U.S. citizens and Green Card holders are strongly encouraged to apply.”
Thanks & Best Regards
Bhargavi Jaltar| Talent Acquisition Lead| Tekgence Inc.
Office : bhargavi@tekgence.com