Become a part of our caring community and help us put health first
Are you a skilled security automation expert with a passion for streamlining incident response and improving security operations? We're looking for a Senior SOAR Engineer to design, implement, and optimize our Security Orchestration, Automation, and Response (SOAR) platform. In this role, you'll collaborate with cybersecurity teams to develop playbooks, integrate security tools, and enhance our overall threat detection and response capabilities. If you thrive in a fast-paced environment and have a strong background in automation, scripting, and security operations, we want to hear from you!
Key Responsibilities:
- Design & Implementation: Architect, deploy, and maintain Splunk SOAR solutions to enhance security automation and incident response capabilities.
- Playbook Development: Develop, test, and optimize custom automation playbooks to streamline security workflows, reduce manual effort, and improve response times.
- Integration & Optimization: Integrate Splunk SOAR with various security tools (SIEM, EDR, threat intelligence, ticketing systems, etc.) to ensure seamless automation and data sharing.
- Incident Response Automation: Collaborate with SOC and incident response teams to automate and orchestrate security operations, reducing mean time to detect (MTTD) and mean time to respond (MTTR).
- Customization & Scripting: Leverage Python and other scripting languages to create custom connectors, API integrations, and automation scripts for security processes.
- Monitoring & Troubleshooting: Continuously monitor SOAR performance, troubleshoot issues, and fine-tune automation workflows for maximum efficiency and reliability.
- Security Best Practices: Ensure all SOAR implementations align with security best practices, compliance requirements, and industry standards to maintain a robust security posture.
- Collaboration & Training: Work closely with SOC analysts, security engineers, and IT teams to educate and train them on automation processes and playbook execution.
- Tracking & Metrics: Develop metrics to consistently track the performance and value of automations being performed by SOAR.
- Continuous Improvement: Stay up to date with emerging threats, new Splunk SOAR features, and automation advancements to drive innovation in security operations.
Use your skills to make an impact
Required Qualifications:
- Minimum 5+ years of experience in security operations, cybersecurity engineering, or security automation, with at least 3 years of hands-on experience with Splunk and Splunk SOAR (formerly Phantom).
- Strong understanding of SOAR architecture, playbook development, and security automation best practices.
- Experience integrating SOAR with SIEM (Splunk Enterprise Security preferred), EDR, firewalls, threat intelligence platforms, and other security tools.
- Proficiency in Python, REST APIs, and scripting languages for playbook development and tool integration.
- Familiarity with languages like JSON and YAML for automation workflows and data manipulation.
- Strong understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, CIS) and incident response methodologies.
- Experience working with SOC environments, threat hunting, and security event triage.
- Knowledge of network security, endpoint security, and cloud security principles.
- Strong problem-solving and analytical skills with a proactive mindset.
- Ability to work independently and collaboratively with SOC, IT, and engineering teams.
- Excellent written and verbal communication skills, with experience documenting automation workflows and processes.
- Capability to take on and develop automation solutions with minimum oversight.
Preferred Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
- Certifications with Splunk or related technologies.
- CISSP or equivalent industry certification.
Remote/WAH requirements:
- WAH requirements: Must have the ability to provide a high-speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
- A minimum standard speed for optimal performance of 25x10 (25 Mbps download x 10 Mbps upload) is required.
- Satellite and Wireless Internet service is NOT allowed for this role.
- A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Scheduled Weekly Hours
40
Pay Range
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
$106,900 - $147,000 per year
This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.
Description of Benefits
Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
Application Deadline: 03-20-2025
About us
Humana Inc. (NYSE: HUM) is committed to putting health first – for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.
Equal Opportunity Employer
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or veteran status. It is also the policy of Humana to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.
What We Do
At Humana, our cultural foundation is aligned to helping members achieve their best health by delivering personalized, simplified, whole-person healthcare experiences. Recognizing healthcare needs continue to evolve for each person, for each family and for each community, Humana continuously creates innovative solutions and resources that help people live their healthiest lives on their terms – when and where they need it. Our employees are at the heart of making this happen and that’s why we are dedicated to building an organization of dynamic talent whose experience and passion center on putting the customer first.