SOAR (Phantom) Developer jobs in United States

Vidorra Consulting Group · 10 hours ago

SOAR (Phantom) Developer

Vidorra Consulting Group is seeking a SOAR (Phantom) Developer to design, develop, and maintain automation playbooks within Splunk SOAR. The role involves optimizing SOC workflows, managing data ingestion, and ensuring integration with various security systems.

Industrial Automation, Information Services, Information Technology, Software
H1B Sponsor Likely

Responsibilities

Design, develop, and maintain playbooks in Splunk SOAR (Phantom)
Automate SOC workflows and integrate SOAR with IT security systems, ticketing platforms, and threat intelligence feeds
Refine and optimize automation for speed, efficiency, and accuracy
Administer and optimize Splunk Enterprise across distributed environments
Apply Splunk best practices for indexing, data models, knowledge objects, and search performance
Monitor Splunk health, scaling, and redundancy
Manage data ingestion pipelines using Cribl for routing, filtering, and transformation
Use Redis for caching, enrichment, and high-speed data lookups in automation workflows
Develop SQL-based integrations for correlation, enrichment, and reporting
Ensure seamless integration of APIs, third-party tools, and security services into Splunk and SOAR
Align Splunk and SOAR capabilities with SOC detection and response requirements
Apply security and IT architecture patterns (event-driven workflows, identity management, log aggregation)

Qualification

Splunk Enterprise, Splunk SOAR (Phantom), Python, Cribl, SQL, Redis, REST APIs, Unix/Linux, Cybersecurity fundamentals, PowerShell, Bash, Git, MITRE ATT&CK, Splunk Certified Admin, SOAR Developer certification, DevOps containers, Zero Trust framework

Required

5 years of Splunk Enterprise with multi-TB daily ingest, advanced knowledge of SPL, search optimization, and object management
Minimum 2 years of hands-on Splunk SOAR (Phantom) development
Experience in designing and deploying playbooks
Proficiency with Cribl, Redis, and SQL for management, ingestion, enrichment, and correlation of data
Experience integrating with REST APIs, handling authentication including OAuth and keys
Strong knowledge of Python, including JSON and XML parsing, API requests, and regex
Familiarity with PowerShell and Bash
Solid grasp of Cyber SOC operations and cybersecurity fundamentals
Proficiency in Unix/Linux administration, networking topology, and authentication systems
Capability of mapping MITRE ATT&CK tactics and techniques to playbook design and development
Understanding of code repos and version control (Git)
Splunk Certified Admin and SOAR Developer certification

Preferred

Threat intelligence integration such as TAXII, MISP, and Recorded Future
Understanding of data life cycle (compliance, retention policies, normalization)
Previous experience with upgrading Splunk Enterprise
Experience with Splunk MLTK, UBA, and ITSI
Familiarity with DevOps containers (Docker, Kubernetes)
Knowledge of Zero Trust framework

Company

Vidorra Consulting Group

Vidorra Consulting is a software consulting firm with a strong focus on the niche areas of Robotics Process Automation, Analytics & Data Integration, and Oracle Utilities Analytics (OUA).

H1B Sponsorship

Vidorra Consulting Group has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (2)
2024 (6)
2023 (9)
2022 (7)
2021 (3)
2020 (13)

Funding

Current Stage
Growth Stage
Company data provided by crunchbase