
Cybersecurity Splunk SOAR Engineer

Job in Tampa, Hillsborough County, Florida, 33646, USA
Listing for: General Dynamics Information Technology
Full Time position
Listed on 2026-02-15
Job specializations:
  • IT/Tech: Cybersecurity
  • Engineering: Cybersecurity
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD yearly
Job Description & How to Apply Below

Type of Requisition

Regular

Clearance Level Must Currently Possess

Top Secret/SCI

Clearance Level Must Be Able to Obtain

Top Secret/SCI

Public Trust/Other Required

None

Job Family

IT Infrastructure and Operations

Job Qualifications
  • Skills: Cybersecurity, Security Tools, Splunk Phantom
  • Certifications: None
  • Experience: 8+ years of related experience
  • US Citizenship Required: Yes
Job Description

Advance how our customers operate while you advance your career. Join GDIT as a Splunk SOAR Engineer and build an impactful career in enterprise IT, collaborating with people who are driven and resourceful like you.

MEANINGFUL WORK AND PERSONAL IMPACT:

As a Splunk SOAR Engineer, the work you’ll do at GDIT will be impactful to the mission of USCENTCOM. You will play a crucial role in transforming incident response processes from manual tasks to automated playbooks. This role requires deep technical expertise in security operations, hands‑on experience with Splunk SOAR deployment and content development, and the ability to integrate diverse security tools for cohesive orchestration.

The ideal candidate will possess a strategic vision for maximizing security efficiency and accelerating threat mitigation.

We are seeking a Splunk SOAR Engineer with a demonstrable background in developing and implementing Security Orchestration, Automation, and Response (SOAR) solutions at an enterprise level. The selected engineer will be responsible for the full lifecycle of SOAR capabilities, from design and integration to content development and maintenance, with key focus areas including:

  • Designing, deploying, and documenting the distributed Splunk SOAR platform architecture, ensuring high availability, performance, and scalability across the security domain.
  • Developing and customizing complex SOAR playbooks (e.g., in Python or Phantom Playbook Editor) for automated enrichment, triage, containment, and remediation of security incidents (e.g., phishing, malware, unauthorized access).
  • Integrating Splunk SOAR with a diverse ecosystem of security tools, including Splunk Enterprise Security (ES), firewalls, EDR/XDR, vulnerability scanners, threat intelligence platforms, and ticketing systems via API and custom app development.
  • Managing and optimizing data flow between Splunk ES and Splunk SOAR, ensuring security events and alerts trigger appropriate and effective automation actions.
  • Creating custom apps/integrations for Splunk SOAR to connect with proprietary or unique security tools not supported by out‑of‑the‑box integrations.
  • Collaborating with SOC analysts, threat hunters, and incident response teams to gather requirements, document workflows, and translate manual security procedures into robust, automated playbooks.
  • Establishing and tracking metrics for SOAR utilization, automation coverage, and Mean Time to Respond (MTTR) reduction to demonstrate platform value and drive continuous improvement.
  • Developing and maintaining detailed documentation of all SOAR content, platform configurations, and integration architectures.

WHAT YOU’LL NEED TO SUCCEED:

  • Certification: Applicable DoD 8140 or DoD 8570 Certification
  • Experience: 8+ years of related experience
  • Required Skills:
    • Deep, hands‑on expertise with Splunk SOAR (Phantom) administration, configuration, and maintenance in a distributed, enterprise environment.
    • Advanced proficiency in Python scripting for developing and customizing SOAR playbooks, custom apps, and integrations.
    • Proven experience integrating SOAR with Splunk Enterprise Security (ES) and core security tools (e.g., EDR, TIP, SIEM).
    • Strong understanding of security operations (Sec Ops) principles, incident response life cycles, and threat detection methodologies.
    • Experience with RESTful APIs and developing connectors for tool interoperability.
    • Proficiency in data manipulation, security log parsing, and understanding of the Common Information Model (CIM) in a security context.
    • Strong verbal and written communication skills with the ability to articulate complex security automation concepts to technical and non‑technical audiences.
  • Desired Skills:
    • Familiarity with cloud security logging, containerization (Docker/Kubernetes), and CI/CD pipelines for playbook…