Phantom and Splunk SOAR Engineer, Senior

Booz Allen

Jan 13

Key Role:

Designs, implements, integrates, and maintains systems and tools to automate complex cyber activities. Applies advanced consulting skills, extensive technical expertise, and full industry knowledge. Consult on and lead vulnerability identification, new threat exposures, and emerging security technologies. Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate your customer’s needs and future goals into a plan that will enable secure and effective solutions. Take a critical approach to solution design, identifying gaps, providing alternatives, and customizing solutions to maintain a balance of security and business needs. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

-3+ years of experience in tool integrations, including REST APIs, SOAP and APIs 

-1+ years of experience in Splunk>Phantom, including writing playbooks, troubleshooting, training, or supporting technical requests 

-Experience with one or more of the following Cybersecurity tools, including FireEye, BigFix, Tanium, ForeScout, ZScaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, Splunk, or ServiceNow 

-Experience in Security Operations, SOC, SIEM, Incident Response, and Threat Intelligence 

-Experience with Cyber Security technologies, protocols, applications

-Experience in Linux administration 

-Ability to provide knowledge transfer and training to clients and co-workers  

-Ability to obtain a security clearance 

-Bachelor's degree and 4+ years of experience with IT in a professional work environment, or 8+ years of experience with IT in a professional work environment in lieu of a degree  

Additional Qualifications:

-3+ years of experience in programming languages, including Python 

-2+ years of experience in Splunk>Phantom, including writing playbooks, troubleshooting, training, or supporting technical requests

-Experience with Cyber Security technologies, protocols, and applications, including EDR, SIEM, Firewalls, AV, and IDS/IPS

-Experience in log management platforms, including Splunk, Elasticsearch, Logstash, Kibana, ELK and Elastic Stack 

-Experience in Networks and Network Protocols, including TCP, UDP, DNS, HTTP, HTTPS, SSH, and FTP 

-Ability to produce new playbooks and automate manual security operations procedures per the backlog and requirements from security operations teams, as new security tools and controls emerge in the marketplace

-Ability to help manage an inventory of integrations that enable broader playbook creation   

-Ability to work on developing connectors with tools to effectively enable end to end automation of security operations procedures 

-Certifications in Security+, CEH, CISSP 

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Compensation:

The proposed salary range for this position in Colorado is $105,000 to $115,000. Final salary will be determined based on various factors.

At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.