Splunk Phantom Consultant

Added: 4/22/2021

REF: 9957

Contract: Contract

Location: France, France

Job: Splunk Phantom Consultant

Duration: 6+ months

Location: France (Remote)

Day Rate: Competitive

 

A Splunk Partner based in France is seeking an experienced Splunk Phantom Consultant to support a customer with the development of a SOC Framework. This will include integration/onboarding of applications and data to all SOC tools (Splunk ES, Phantom, Confluence and more).

 

Responsibilities:

  • Support automation interfaces and processes between Phantom SOAR and other IT technologies (ServiceNow, VMware Workspace ONE and other APIs) to increase automation capacity.
  • Specify, design and implement SOC Level 3 investigation & response workflows and automation plan end-to-end.
  • Participate in the framework for data model integration delivery.
  • Review & propose SOC tools methods and delivery.
  • Review process of Detection & Response/Automation implementation activities.
  • Develop MITRE-based framework playbooks using Python and integration of new applications and services needed for the activation of these playbooks.
  • Contribute to the definition and enforcement of the framework rules and policies.
  • Participate in the preparation of the Splunk migration for the Technical Add-On and DB Connect development.
  • Support infrastructure scalability for all SOC tools.
  • Endpoint Detection & Response (EDR) automation and triage analysis.

 

This is an immediate requirement for a Splunk Phantom Consultant to work on a 6+ month freelance assignment through a Splunk Partner. The role will be fully remote. French language is not essential but can be beneficial. If you are interested in discussing further, please share an updated CV.
