TEKsystems c/o Allegis Group

Cybersecurity Automation Engineer with Security Clearance Job at TEKsystems c/o

TEKsystems c/o Allegis Group, Fort Bragg, NC, US

The Senior Principal Cybersecurity Automation Engineer will be responsible for utilizing Splunk Phantom for engineering and managing all Security Orchestration Automation Response (SOAR). This role demands an experienced Security Threat Engineer with a robust technical skill set and direct experience in integration and playbook development for Splunk Phantom. The engineer will support automation for various security functions including incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP), and other cyber and information assurance automation activities.

Key Responsibilities

- Engineer and manage all SOAR using Splunk Phantom.
- Develop reusable, testable, and efficient Python-based Playbooks.
- Extend the platform by developing Security Apps.
- Use available tools and the Phantom platform to enable automation and orchestration.
- Collaborate with the customer to identify security integration and implementation strategies, developing their expertise in Phantom.
- Define requirements for creative integrations and playbooks.
- Partner with security operations teams, threat intelligence groups, and incident responders.
- Implement and develop Phantom's flexible app model, using numerous tools and APIs.
- Utilize Python scripts, PowerShell, and Linux commands for integrations.
- Implement and enforce CND policies and procedures adhering to applicable laws and regulations.

CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP); CISSP, GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User)

Experience with Splunk Phantom, Linux, and PowerShell

Preferred Qualifications

- Experience installing and configuring Phantom.
- Expertise in developing Python scripts, PowerShell, and using Linux commands.