Soar Automation Splunk Phantom Jobs (NOW HIRING)

Splunk Engineer

Herndon, VA · On-site

$112K - $179K/yr

Integrate Splunk with automation/orchestration tools (e.g., Ansible, ServiceNow, SOAR platforms) for improved workflow efficiency. * Document data source onboarding, dashboard configuration, and ...

... SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR · Min. 5 ... Splunk. DESIRED SKILLS: · Web development frontend skills: JavaScript, jQuery, HTML/CSS · ...

Continuously improve scanning, reporting, and remediation processes through automation and orchestration tools (e.g., Service Now, MS Sentinel, Ansible, Terraform, Splunk Phantom). * Bachelor ...

Sr. Torq/SOAR Engineer

Falls Church, VA · On-site

$111K - $153K/yr

The Sr. TORQ/SOAR Engineer serves as a technical leader and trusted authority for Security ... automation logic. * Integrate TORQ with enterprise security tools such as Elastic Stack, Splunk ...

... Automation, and Response (SOAR) playbooks. • Monitor UEBA system health, including data ingestion ... Splunk Enterprise Security Certified Admin or Splunk Certified Developer certifications. • ...

Sr. SIEM & SOAR LEAD

Tampa, FL · On-site

$52.25 - $71.50/hr

Subject matter expertise in SIEM and SOAR products such as Splunk, Elastic, Datadog, Phantom, Torq, etc. Experience with scripting, such as Python, Ansible, etc., is highly preferred. Experience in creating ...

Soar Automation Splunk Phantom information

Salary details: $51.5K · $121.9K · $168K

How much do SOAR Automation Splunk Phantom jobs pay per year?

As of Jun 14, 2026, the average yearly pay for SOAR Automation Splunk Phantom jobs in the United States is $121,854.00, according to ZipRecruiter salary data. Most workers in this role earn between $104,000.00 and $136,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals working with SOAR Automation in Splunk Phantom, and how can they be addressed?

Professionals in SOAR Automation using Splunk Phantom often encounter challenges such as integrating diverse security tools, managing complex playbooks, and ensuring seamless automation without disrupting existing workflows. To address these, it's important to maintain clear documentation, conduct thorough testing of playbooks, and collaborate closely with IT and security operations teams. Continual learning and staying updated on platform updates and best practices can also help mitigate these challenges and enhance overall automation effectiveness.

What are the key skills and qualifications needed to thrive as a SOAR Automation (Splunk Phantom) Engineer, and why are they important?

To thrive as a SOAR Automation (Splunk Phantom) Engineer, you need a solid background in cybersecurity, scripting/programming (such as Python), and experience with security operations, typically supported by a relevant degree or certifications like CISSP or Splunk certifications. Familiarity with SOAR platforms such as Splunk Phantom, SIEM systems, REST APIs, and automation frameworks is essential. Strong problem-solving, communication, and teamwork skills help you effectively design and implement automated workflows and collaborate with cross-functional teams. These skills are critical for enhancing incident response efficiency, reducing manual workloads, and improving overall security posture.

What is a SOAR Automation Engineer specializing in Splunk Phantom?

A SOAR Automation Engineer specializing in Splunk Phantom is a cybersecurity professional responsible for automating security operations and incident response workflows using Splunk Phantom, a Security Orchestration, Automation, and Response (SOAR) platform. They design, develop, and maintain playbooks that integrate various security tools to streamline threat detection and response processes. Their role helps organizations respond faster to threats, reduce manual workloads, and improve overall security posture.

Infographic showing various SOAR Automation Splunk Phantom job openings in the United States as of June 2026, with employment types broken down into 55% Full Time and 45% Contract. Highlights an 83% Physical, 8% Hybrid, and 9% Remote job distribution, with an average salary of $121,854 per year, or $58.6 per hour.

Continuous Monitoring Team Lead (Splunk)

Science Applications International Corporation

Arlington, VA • On-site

Full-time

Posted 4 days ago


Company rating: 7.8 out of 10

Based on 78 frontline employees who took The Breakroom Quiz

71st of 204 rated IT services


Job description

SAIC is seeking qualified applicants to support a cutting-edge data, analytics, and AI platform. The Continuous Monitoring Team Lead (Splunk) is a critical SME role working across Splunk, ServiceNow, and supporting security platform technologies to build analytic maturity and integrations with SOAR, UEBA, and Zero Trust Architecture. Mature analytics and normalized data will support 10+ cyber teams who are also working with other task areas that handle customer relationships, service portfolio and catalog management, software engineering & development, data/AI engineering, IT systems operations, and use case intake and analytics for DoW enterprise-scale mission objectives expected in Spring/Summer 2026.
Positions are contingent pending contract award.
The work will be performed in Alexandria, Virginia. Some work may be performed remotely, subject to Government approval.
Job Responsibilities:
  • Lead the Continuous Monitoring Team in designing, building, and maturing enterprise cybersecurity analytics across Splunk, supporting continuous monitoring objectives across all CSP/security enclaves.

  • Architect and develop advanced Splunk use cases, dashboards, and custom applications to enable proactive detection, visibility, and decision support for 10+ cyber teams.

  • Design and implement data normalization strategies, including field extractions, CIM alignment, and data model optimization to improve analytic fidelity and reuse.

  • Integrate Splunk with ServiceNow, SOAR platforms, UEBA capabilities, and Zero Trust Architecture to enable automated workflows and enriched operational context.

  • Identify and close visibility gaps by engineering new analytics, correlations, and data onboarding strategies to enhance enterprise monitoring coverage.

  • Collaborate with data/AI engineering teams to incorporate AI/ML-driven analytics, automation, and intelligent alerting into Splunk-based monitoring solutions.

  • Evaluate and optimize data quality, ingestion pipelines, and telemetry sources to ensure high-confidence analytics and reduced false positives.

  • Develop reusable analytic content and patterns based on threat intelligence, lessons learned, and evolving mission requirements, enabling other teams to scale detection and monitoring capabilities.

Qualifications
  • Bachelor's & 14+ years of related experience, Master's & 12+ years of experience, or PhD or JD & 9+ years of experience.
  • Active TS/SCI Clearance

Knowledge, Skills, Abilities, and Competencies:
  • Deep expertise in Splunk architecture, including experience manipulating the functionality of Splunk roles and clustering architectures. Splunk Enterprise Security certification preferred. Splunk Architect, Consultant, or Defense Engineer certification preferred. Splunk Admins with well-defined Splunk App Building experience will be considered. At least a Splunk Administrator certification is required, with growth expectation of achieving Splunk Architect in 12 months or less.

  • Demonstrated ability to build and deploy custom Splunk apps, preferably including development with AI agents in controlled environments and promotion to production.

  • Strong proficiency in data normalization, including field extraction, CIM compliance, and extensive use of Splunk data models for scalable analytics.

  • Advanced understanding of how data quality impacts analytics, CMDB alignment, AI/ML effectiveness, incident noise reduction, and Zero Trust implementations.

  • Experience integrating Splunk with enterprise platforms such as ServiceNow, Splunk SOAR, and Splunk UEBA to support automation and operational workflows.

  • Ability to design and deliver analytic outputs and reporting that provide actionable insights into system performance, vulnerabilities, and cybersecurity posture.

  • Relevant DoD 8140 (or 8570 equivalent) certification required; advanced certifications (e.g., CISSP, CCSP) and exposure to AI/ML or data engineering concepts preferred.

About Us
SAIC® is a premier mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, intelligence, and civilian markets includes secure high-end solutions in mission IT, enterprise IT, engineering services, and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives.
We are approximately 23,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.3 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom.
