Splunk SOAR Cyber Automation Engineer jobs in United States
This job has closed.

Ennoble First Inc. · 1 month ago

Splunk SOAR Cyber Automation Engineer

Ennoble First is a company focused on supporting and securing complex government, defense, and intelligence projects. They are seeking a Splunk SOAR Cyber Automation Engineer to implement and maintain security orchestration and automation capabilities, working closely with SOC analysts and platform teams to enhance incident response workflows.

Cyber Security, Information Technology, Software
Growth Opportunities
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Deploy, configure, operate, and sustain Splunk SOAR platforms in enterprise Government environments
Design, develop, and maintain automated playbooks to support incident response, alert enrichment, containment, and remediation
Integrate Splunk SOAR with SIEM, EDR, IDS/IPS, vulnerability management, threat intelligence, and ticketing platforms
Develop custom scripts and connectors to extend automation and enrichment capabilities
Monitor platform health, automation execution, and system performance
Perform upgrades, patching, configuration changes, and lifecycle maintenance
Troubleshoot automation failures, integration issues, and workflow performance problems
Collaborate with SOC and cyber operations teams to identify automation opportunities and improve response processes
Develop and maintain technical documentation, runbooks, and operational procedures
Support Zero Trust initiatives through automated detection and response workflows

Qualification

Splunk SOAR, Cybersecurity engineering, Incident response, Python, API integration, DoD 8570.01-M certification, Troubleshooting, Technical documentation, Collaboration

Required

5+ years of experience supporting cybersecurity engineering, security operations, or incident response
3+ years of experience deploying or administering SOAR platforms, including Splunk SOAR (Phantom) or similar tools
2+ years of experience deploying, hosting, monitoring, and securing solutions for Government customers
Strong understanding of incident response processes, alert triage, and automated remediation
Experience developing automation using Python or similar scripting languages
Experience integrating security platforms using APIs and native connectors
Active TS/SCI clearance with polygraph eligibility
Associate's degree and 5+ years of experience supporting IT projects and activities, or
Bachelor's degree and 3+ years of experience supporting IT projects and activities, or
Master's degree and 1+ year of experience supporting IT projects and activities
DoD 8570.01-M Information Assurance Technician (IAT) Level II certification (e.g., Security+ CE, CCNA-Security, GSEC, SSCP, CySA+, GICSP, or CND)
Ability to obtain a DoD 8570.01-M Cybersecurity Service Provider – Infrastructure Support certification (e.g., CEH, CHFI, CFR, Cloud+, or CND) within 30 days of start date

Preferred

Hands-on experience developing Splunk SOAR playbooks in production environments
Experience supporting SOC or cyber mission operations
Familiarity with Splunk Enterprise Security and Splunk data models
Experience supporting DoD or Intelligence Community environments
Security certifications such as GCIH, GCED, CISSP, or similar

Benefits

Relocation Assistance

Company

Ennoble First Inc.

Cutting-Edge Engineering Firm delivering an AI and Data Centric Solutions Model that automates the mundane to better utilize human decision making for mission critical actions.

Funding

Current Stage
Growth Stage

Leadership Team

Ganesh N.
President and CEO
Lisa Natarajan
Chief Administrative Officer, CNO
Company data provided by crunchbase