Splunk & SOAR integration Engineer

Must be a US Citizen

Location:           TCS - Raleigh, NC, CHARLOTTE, NC

 Experience: 7 year

Rate: $49/hr

Advanced Cyber Security Engineer

Operational role on Splunk & XSOAR (our Soar platform). Should have significant experience with development.

Key Responsibilities

• Will work closely on Palo Alto XSOAR platform to customize it as needed
• Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs
• Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities
• Deploy and evaluate external proof-of-concept tools
• Help with automation of various SOC related manual tasks. 

Must Have 

• Min. 2 years of experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR
• Min. 5 years of development experience with Python and web frameworks (Django, Flask)
• Experience with log management and/or SIEM technologies such as Splunk

Value

• Web development frontend skills: JavaScript, jQuery, HTML/CSS
• Experience in creating and reusing Restful APIs to improve integration between existing and new security systems
• SQL database or any other DBs
• Good communication skills
• Highly motivated individual with the ability to self-start, prioritize, and multi-task
• Interest in cyber security, willingness to follow security best practices
• Ability to understand code written in other scripting languages
• Knowledge of incident response (SecOps)
• Eagerness to look for and evaluate available open-source incident response/threat intelligence tools
• Strong focus on writing high quality technical documentation
• Good knowledge of Linux, git, nginx