Logo
Diverse Lynx

Splunk SOAR developer

Diverse Lynx, Columbus

Save Job
Title: Splunk SOAR developer
Location: Columbus, OH
Type: Fulltime
Job Description:
Key Skills-
  • Splunk Phantom (SOAR).
  • Python development - Proficiency in Python programming language.
  • Splunk SimpleXML or web development (JavaScript, CSS).
  • Splunk app & add-on development.
  • Splunk data modelling.
  • Splunk Enterprise / Splunk Cloud.
  • Python, REST API.
  • Jira, ServiceNow, Palo Alto, CrowdStrike, VirusTotal, MISP, etc.
  • Git (for version control of playbooks/scripts.
Roles & Responsibilities:
Playbook Development:
  • Design, develop, test, and deploy playbooks using the Splunk SOAR visual editor or Python.
  • Translate incident response procedures into automated workflows.
  • Optimize and refine existing playbooks for performance and efficiency.
Integration & App Development:
  • 6+ years of hands on experience with designing/development of splunk applications.
  • Advanced Splunk analytics and the development of custom Splunk applications.
  • Splunk data integrations with business-critical enterprise applications and systems.
  • Translating feedback from the business to Splunk technical requirement and solutions.
  • Develop specialized Splunk Security and Compliance applications, add-ons, data models, dashboards, content using Python, Splunk SPL, Splunk SimpleXML (OR JavaScript, CSS), Bash.
  • Develop custom Splunk applications and Add-Ons for inclusion of access events per use case criteria.
  • Develop and configure integrations with third-party security tools (EDR, firewalls, threat Client platforms, ticketing systems, etc.).
  • Build custom apps or modify existing ones using REST APIs and Python to enhance SOAR capability.
Automation Strategy & Implementation:
  • Work with stakeholders to identify use cases for automation.
  • Lead end-to-end implementation of SOAR use cases from design to production.
Security Incident Handling:
  • Assist in real-time incident response by using SOAR to correlate, triage, and respond to alerts.
  • Create response templates and automated reports for incidents.
Platform Management:
  • Maintain and administer the Splunk Phantom platform, including upgrades, performance tuning, and health checks.
  • Monitor system logs and troubleshoot issues related to connectivity, app execution, or workflow failure.
Documentation & Reporting:
  • Document playbooks, scripts, and integrations.
  • Generate reports on SOAR activity, performance metrics, and automation ROI.
Collaboration & Training:
  • Train SOC staff and other stakeholders on SOAR usage and capabilities.
  • Collaborate with Splunk SIEM and threat intelligence teams for cohesive operations
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.