Remote Mid-Level Splunk Phantom SOAR Engineer


True Zero Technologies

📍Remote - Worldwide

Job highlights

Summary

True Zero Technologies is seeking an experienced Splunk Phantom SOAR engineer or consultant to join its Data Analytics Practice. The position involves designing, implementing, and administering the federal customers' Splunk Phantom environment and integrating it with their large Enterprise Splunk environment and other tools.

Requirements

  • Minimum 5-7 years of relevant market experience
  • Minimum 1-2 years of experience working with Splunk Phantom or equivalent SOAR platform
  • Splunk Phantom/SOAR Certifications
  • Splunk Architect Certification
  • Experience designing and implementing ground-up distributed Splunk Phantom SOAR installations
  • Experience with advanced configuration of Splunk Phantom SOAR
  • Experience maintaining and administering enterprise Splunk Phantom SOAR environments
  • Experience developing custom Phantom SOAR playbooks, workflows, and configurations
  • Experience integrating Phantom SOAR platform with other tools from both a data and automation perspective
  • Enterprise experience working with large teams or collaborative environments
  • Experience working in Linux and Windows environments, with the ability to configure storage subsystems, SELinux and FAPolicyd, and file permission settings (Linux/Windows), plus familiarity with different Linux distributions

Responsibilities

  • Design, implement, and administer True Zero's federal customers' Splunk Phantom environment
  • Integrate the Splunk Phantom environment with the customers' large Enterprise Splunk environment and other tools

Preferred Qualifications

  • Splunk Core Consultant Certification
  • Adept at extracting value from data and establishing security use cases
  • Proficient in establishing standardized practices and documentation
  • Understanding of syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations
  • Cloud experience (AWS, Azure, etc.)
  • Cribl experience: working with source/destination definitions, pipelines, and Packs, as well as writing regular expressions and building routes
  • Experience with Government CDM Programs
  • Familiarity with the aggregation tool Axonius
  • Development and API experience (Python, Perl, XML)
  • Ansible, Spacewalk, and other enterprise automation tool experience
  • Hardware experience and storage experience (SAN, NAS, etc.)

Benefits

  • Competitive salary, paid twice per month
  • Best-in-class medical coverage
  • 100% of medical premiums covered by True Zero
  • Company-wide new business incentive programs
  • Contribution incentives (e.g., white papers, blog posts, internal webinars)
  • 3 weeks of PTO starting + 11 Paid Holidays Annually
  • 401k Program with 100% company match on the first 4%
  • Monthly reimbursement of Cell Phone and Home Internet costs
  • Paternity/Maternity Leave
  • Investment in training and certifications to broaden and deepen your technical skills

This job is filled or no longer available.