Vacancy caducado!
- 2+ years of hands-on experience in Splunk SOAR, including writing playbooks and troubleshooting.
- 2+ years of hands-on experience using Splunk for both searching/data analysis and for passing data to SOAR.
- Strong programming skills in Python
- Proficiency with Git
- Experience working with REST and other third-party API integrations.
- Strong understanding of IT security concepts and practices, as well as Blue Team processes and workflows.
- Familiarity with enterprise change management.
- Strong deductive reasoning and critical thinking skills.
- Strong organization skills.
- Experience with Scrum or other agile development methodologies.
- Utility experience is desirable
- Information Security certifications such as Security+, CISSP, GIAC, etc.
- Experience with modeling languages like UML for structure, behavior, and interaction diagrams.
- Ability to use Jira and ServiceNow for ticket tracking.
- Technical writing skills for creating supporting documentation.
- Completed both "Developing SOAR Playbooks" and "Advanced SOAR Implementation" Training courses from Splunk.
- Work with stakeholders directly to build, design, deliver, re-write, and maintain efficient, reusable, and reliable security automations using Splunk SOAR. This role is highly detail oriented and will require hands-on knowledge of programming languages, APIs, and integrations.
- Review API documentation and connect third-party services to the SOAR platform.
- This role will be responsible for the whole lifecycle of an automation playbook, from requirements gathering and -planning to design, testing, implementation, and maintenance.
- Create detailed technical documentation pertaining to your automations.
- Collaborate with other internal teams as part of setting up SOAR integrations.
- Follow all change management processes and requirements as part of setting up SOAR integrations.
Vacancy caducado!