SIEM/SOAR Operational Consultant (RARR Job 5842)

Role Overview

We are looking for experienced professionals in SIEM/SOAR Operations and Troubleshooting, with strong hands-on expertise in Splunk SOAR and related security platforms. The role requires deep understanding of SIEM implementation, integrations, automation, and incident response playbooks.

Mandatory / Required Skills

• Hands-on experience in SOAR implementation
• Strong expertise in Splunk SOAR
• Knowledge of KQL
• Experience with Splunk SIEM
• Proven troubleshooting skills in SIEM/SOAR environments

Platform Engineering – Key Skill Requirements

Candidates should have hands-on experience in the following areas:

• Installation and implementation of SIEM solutions
• Integration of log sources such as:
  • Firewalls
  • EDR
  • Windows & Linux systems
• Upgrade and maintenance of SIEM platforms
• Syslog server implementation
• End-to-end platform troubleshooting

SOAR – Key Skill Requirements

Candidates must demonstrate expertise in:

• Creating and deploying SOAR playbooks, including:
  • Incident enrichment
  • Containment
  • Automated response workflows
• Integration of third-party security tools for automation (Firewall, EDR, XDR, etc.)
• Custom integrations of security solutions with SOAR platforms