
SOAR (Phantom) Developer

Job in Baltimore, Anne Arundel County, Maryland, 21276, USA
Listing for: Vidorra Consulting Group
Full Time position
Listed on 2026-01-16
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Position: SOAR (Phantom) Developer

Role

  • Develop and maintain playbooks in Splunk SOAR (Phantom).
  • Automate SOC workflows and integrate SOAR with IT security systems, ticketing platforms, and threat intelligence feeds.
  • Refine, plan, and optimise automation for speed, efficiency, and accuracy.
  • Administer and optimise Splunk Enterprise across distributed environments.
  • Apply Splunk best practices for indexing, data models, knowledge objects, and search performance.
  • Monitor Splunk health, scaling, and redundancy.
  • Manage data ingestion pipelines using Cribl for routing, filtering, and transformation.
  • Use Redis for caching, enrichment, and high‑speed data lookups in automation workflows.
  • Develop SQL‑based integrations for correlation, enrichment, and reporting.
  • Ensure seamless integration of APIs, third‑party tools, and security services into Splunk and SOAR.
  • Align Splunk and SOAR capabilities with SOC detection and response requirements.
  • Apply security and IT architecture patterns – event‑driven workflows, identity management, log aggregation.
Essential Skills
  • Splunk Enterprise: 5+ years, advanced SPL, indexing, search optimisation, object management.
  • Minimum 2 years hands‑on Splunk SOAR (Phantom) development, playbook design and deployment.
  • Proficiency in Cribl, Redis, SQL for data ingestion, enrichment, and correlation.
  • Experience integrating with REST APIs, including OAuth and key‑based authentication.
  • Strong Python skills – JSON, XML parsing, API requests, regex; familiarity with PowerShell and Bash.
  • Solid grasp of cybersecurity fundamentals and SOC operations.
  • Unix/Linux administration, networking topology and authentication systems.
  • Mapping MITRE ATT&CK tactics and techniques to playbook design.
  • Version control experience (Git).
  • Splunk Certified Admin and SOAR Developer certifications.
  • Nice to have – TAXII, MISP, Recorded Future integration.
  • Understanding of data lifecycle, compliance, retention policies, and normalization.
  • Experience upgrading Splunk Enterprise, MLTK, UBA, ITSI.
  • Familiarity with DevOps containers (Docker, Kubernetes) and Zero‑Trust framework.
Seniority Level

Mid‑Senior level

Employment Type

Contract

Job Function

Engineering and Information Technology
