Today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
$125,000 - $150,000
No Traveling
IT - Security
Fort Bragg, NC (On-Site/Office)
The Senior Principal Cybersecurity Automation Engineer will be responsible for utilizing Splunk Phantom for engineering and managing all Security Orchestration Automation Response (SOAR). This role demands an experienced Security Threat Engineer with a robust technical skill set and direct experience in integration and playbook development for Splunk Phantom. The engineer will support automation for various security functions including incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP), and other cyber and information assurance automation activities.
WHAT YOU’LL NEED TO SUCCEED:
Key Responsibilities
Engineer and manage all SOAR using Splunk Phantom.
Integrate security use cases into Phantom.
Develop reusable, testable, and efficient Python-based Playbooks.
Configure and program to enable seamless integration of Phantom with other systems.
Extend the platform by developing Security Apps.
Train and mentor security development teams on the capabilities of Phantom.
Use available tools and the Phantom platform to enable automation and orchestration.
Collaborate with the customer to identify security integration and implementation strategies, developing their expertise in Phantom.
Define requirements for creative integrations and playbooks.
Partner with security operations teams, threat intelligence groups, and incident responders.
Codify workflows into automated playbooks.
Implement and develop Phantom's flexible app model, using numerous tools and APIs.
Utilize Python scripts, PowerShell, and Linux commands for integrations.
Drive efficient communication with integrated collaboration tools.
Use Phantom event and case management for rapid triage of events.
Notify CND managers, incident responders, and team members of suspected CND incidents and provide detailed event histories, statuses, and potential impacts.
Coordinate with higher authorities on actual or attempted intrusions, viruses, and other events.
Implement and enforce CND policies and procedures adhering to applicable laws and regulations.
Provide incident reports, summaries, and situational awareness information to higher headquarters.
Manage incidents from inception to after-action reporting.
Required Qualifications
8+ years of relevant experience
8570 Certification: Minimum certification IAT level II (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP); Level III preferred (e.g., CISSP, GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User)
Experience with Splunk Phantom, Linux, and PowerShell
Preferred Qualifications
Experience installing and configuring Phantom.
Experience in integrating security use cases into Phantom.
Expertise in developing Python scripts, PowerShell, and using Linux commands.
WHAT YOU’LL NEED TO SUCCEED:
Key Responsibilities
Engineer and manage all SOAR using Splunk Phantom.
Integrate security use cases into Phantom.
Develop reusable, testable, and efficient Python-based Playbooks.
Configure and program to enable seamless integration of Phantom with other systems.
Extend the platform by developing Security Apps.
Train and mentor security development teams on the capabilities of Phantom.
Use available tools and the Phantom platform to enable automation and orchestration.
Collaborate with the customer to identify security integration and implementation strategies, developing their expertise in Phantom.
Define requirements for creative integrations and playbooks.
Partner with security operations teams, threat intelligence groups, and incident responders.
Codify workflows into automated playbooks.
Implement and develop Phantom's flexible app model, using numerous tools and APIs.
Utilize Python scripts, PowerShell, and Linux commands for integrations.
Drive efficient communication with integrated collaboration tools.
Use Phantom event and case management for rapid triage of events.
Notify CND managers, incident responders, and team members of suspected CND incidents and provide detailed event histories, statuses, and potential impacts.
Coordinate with higher authorities on actual or attempted intrusions, viruses, and other events.
Implement and enforce CND policies and procedures adhering to applicable laws and regulations.
Provide incident reports, summaries, and situational awareness information to higher headquarters.
Manage incidents from inception to after-action reporting.
Required Qualifications
8+ years of relevant experience
8570 Certification: Minimum certification IAT level II (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP); Level III preferred (e.g., CISSP, GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User)
Experience with Splunk Phantom, Linux, and PowerShell
Preferred Qualifications
Experience installing and configuring Phantom.
Experience in integrating security use cases into Phantom.
Expertise in developing Python scripts, PowerShell, and using Linux commands.
group id: 10105424
Accelerating IT transformation in the public sector
