Senior Splunk Phantom SOAR Engineer

Confirmed live in the last 24 hours

11-50 employees

Professional services firm providing scalable tech solutions

Company Overview

True Zero Technologies, LLC, a veteran-owned small business, stands out for its commitment to delivering high-quality, scalable solutions tailored to specific business contexts in both the public and private sectors. The company's partnership with Splunk and its team of seasoned industry experts with deep subject matter expertise ensures predictable, high-impact outcomes that enable customers to re-envision their security and operations programs. With a culture of excellence and a focus on purposeful enablement of people and technology, True Zero offers a rewarding work environment for security and software professionals looking to make a significant impact.

Consulting

Company Stage

N/A

Total Funding

N/A

Founded

2016

Headquarters

Annandale, Virginia

Growth & Insights

Headcount

6 month growth

↑ 3%

1 year growth

↑ 20%

2 year growth

↑ 20%

Locations

Remote

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

AWS

Linux/Unix

Microsoft Azure

Perl

Splunk

Python

Ansible

CategoriesNew

Software Engineering

Requirements

Minimum 8-10 years of relevant market experience
Minimum 2-3 years of experience working with Splunk Phantom or equivalent SOAR platform
Splunk Phantom/SOAR Certifications
Splunk Architect Certification
Experience designing and implementing ground up distributed Splunk Phantom SOAR installations
Experience with advanced configuration of Splunk Phantom SOAR
Experience maintaining and administering enterprise Splunk Phantom SOAR environments
Experience developing custom Phantom SOAR playbooks, workflows, and configurations
Experience integrating Phantom SOAR platform with other tools from both a data and automation perspective
Enterprise experience working with large teams or collaborative environments
Experience working in linux and windows environments, ability to configure:
Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.)
SELinux and FAPolicyd
Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
File Permission Settings (linux/windows)
Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope
Competitive salary, paid twice per month
Best in class medical coverage
100% of medical premiums covered by True Zero
Company wide new business incentive programs
Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
3 weeks of PTO starting + 11 Paid Holidays Annually
401k Program with 100% company match on the first 4%
Monthly reimbursement of Cell Phone and Home Internet costs
Paternity/Maternity Leave
Investment in training and certifications to broaden and deepen your technical skills

Desired Qualifications

Splunk Core Consultant Certification
Adept at extracting value from data and establishing security use cases
Proficient in establishing standardized practices and documentation
Possess an understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations
Cloud experience (AWS, Azure, etc.)
Cribl Experience, working with source/destination definitions, pipelines and PACKS, as well as experience writing regular expressions and building routes
Experience with Government CDM Programs
Familiarity with the aggregation tool Axonius
Development and API experience (Python, Perl, XML)
Ansible, Spacewalk, and other enterprise automation tool experience
Hardware experience and storage experience (SAN, NAS, etc.)

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that said outcomes begin and end with our people, and that is what we have built, a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top tier services to our customers. In 2023, True Zero was recognized as a “Best Places to Work” in two categories ("Prosperous and Thriving" ($5MM – $50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)) and in 2022, was recognized as one of Inc. Magazine’s Top 5000 Fastest Growing Companies.

True Zero Technologies is seeking experienced Splunk Phantom SOAR engineers or consultants to join our Data Analytics Practice. The position supports the design, implementation, and administration of True Zero’s federal customers Splunk Phantom environment, integration with the customers large Enterprise Splunk environment and other various tools. Candidates must possess prior experience working with Phantom, from both an implementation perspective as well as custom playbook development and workflow defining experience. Candidates with experience in AWS Cloud, Cribl, Syslog, and Axonious is a big plus.

As a TZT consultant, the candidate will receive access to the full knowledge base which is driven by the True Zero community as well as the technical backing of the entire PS team. True Zero encourages collaboration and growth through information sharing and knowledge workshops. The candidate will also have access to our internal Slack channel to stay connected with the team as well as the necessary tools to train, demo, test and grow their professional skills.

Qualification Requirements

Minimum 8-10 years of relevant market experience
Minimum 2-3 years of experience working with Splunk Phantom or equivalent SOAR platform
Splunk Phantom/SOAR Certifications
Splunk Architect Certification
Experience designing and implementing ground up distributed Splunk Phantom SOAR installations
Experience with advanced configuration of Splunk Phantom SOAR
Experience maintaining and administering enterprise Splunk Phantom SOAR environments
Experience developing custom Phantom SOAR playbooks, workflows, and configurations
Experience integrating Phantom SOAR platform with other tools from both a data and automation perspective
Enterprise experience working with large teams or collaborative environments
Experience working in linux and windows environments, ability to configure:
Storage subsystems (I.e. partitioning, Volume Groups, Logical Volumes, etc.)
SELinux and FAPolicyd
Familiarity with different flavors of Linux distros (RedHat, CentOS, Ubuntu, etc.)
File Permission Settings (linux/windows)
Excellent written and oral skills, ability to work closely with multiple customers, manage expectations, and track engagement scope.

Preferred Qualifications

Splunk Core Consultant Certification
Adept at extracting value from data and establishing security use cases
Proficient in establishing standardized practices and documentation
Possess an understanding of Syslog daemon configuration principles, ideally in Syslog-NG and RSyslog configurations.
Cloud experience (AWS, Azure, etc.)
Cribl Experience, working with source/destination definitions, pipelines and PACKS, as well as experience writing regular expressions and building routes
Experience with Government CDM Programs
Familiarity with the aggregation tool Axonius
Development and API experience (Python, Perl, XML)
Ansible, Spacewalk, and other enterprise automation tool experience.
Hardware experience and storage experience (SAN, NAS, etc.)

U.S. Citizenship is required as this is in support of a Federal Customer.

We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you’ll enjoy:

- Competitive salary, paid twice per month

- Best in class medical coverage

- 100% of medical premiums covered by True Zero

- Company wide new business incentive programs

- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)

- 3 weeks of PTO starting + 11 Paid Holidays Annually

- 401k Program with 100% company match on the first 4%

- Monthly reimbursement of Cell Phone and Home Internet costs

- Paternity/Maternity Leave

- Investment in training and certifications to broaden and deepen your technical skills