Jobs · Engineering · North Carolina

Cybersecurity Automation Engineer

General Dynamics Information Technology · Fort Liberty, North Carolina, United States · 1 wk ago
Engineering$128k–$173k/yrFull-time

Key Responsibilities

  • Engineer and manage all SOAR using Splunk Phantom.
  • Integrate security use cases into Phantom.
  • Develop reusable, testable, and efficient Python-based Playbooks.
  • Configure and program to enable seamless integration of Phantom with other systems.
  • Extend the platform by developing Security Apps.
  • Train and mentor security development teams on the capabilities of Phantom.
  • Use available tools and the Phantom platform to enable automation and orchestration.
  • Collaborate with the customer to identify security integration and implementation strategies, developing their expertise in Phantom.
  • Define requirements for creative integrations and playbooks.
  • Partner with security operations teams, threat intelligence groups, and incident responders.
  • Drive efficient communication with integrated collaboration tools.
  • Utilize Phantom event and case management for rapid triage of events.
  • Notify CND managers, incident responders, and team members of suspected CND incidents and provide detailed event histories, statuses, and potential impacts.
  • Implement and enforce CND policies and procedures adhering to applicable laws and regulations.
  • Provide incident reports, summaries, and situational awareness information to higher headquarters.

Required Qualifications

  • 8+ years of relevant experience.
  • 8570 Certification: Minimum certification IAT level II (e.g., CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP); Level III preferred (e.g., CISSP, GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User).
  • Experience with Splunk Phantom, Linux, and PowerShell.

Preferred Qualifications

  • Experience installing and configuring Phantom.
  • Experience in integrating security use cases into Phantom.
  • Expertise in developing Python scripts, PowerShell, and using Linux commands.

Critical Soft Skills

  • Ability to multi-task and adapt to changing priorities in highly stressful situations.
  • Highly resilient and motivated to investigate unfamiliar problems in a high OPTEMPO environment.
  • Critical thinking skills for applying and correlating data from multiple sources to solve complex problems.
  • Strong ability to articulate operational impacts of cybersecurity incidents/events to leadership.
  • Effective communication skills and the ability to build strong relationships with other teams.

Similar jobs