Role Overview
Owns end-to-end delivery of the Splunk Phantom (SOAR) platform, covering architecture, design, playbook development, integrations, automation, tuning, and structured handover into security operations.
Key Responsibilities
· Lead solution architecture and detailed design (HLD / LLD) for Splunk SOAR
· Build, configure, and maintain the Splunk SOAR platform and core components
· Design, develop, and optimize automation playbooks for security incident response
· Integrate SOAR with SIEM, EDR, IAM, threat intelligence, and enterprise tooling
· Implement orchestration workflows aligned to SOC processes and use cases
· Test, validate, and tune playbooks to ensure reliability and operational effectiveness
· Troubleshoot platform, integration, and automation issues
· Produce operational documentation and conduct knowledge transfer to run teams
· Support stabilization and transition into BAU operations
Skills and Experience
· Strong hands-on experience with Splunk SOAR (Phantom)
· Proven experience in SOAR architecture, automation, and playbook development
· Strong understanding of SOC operations and incident response workflows
· Experience integrating SOAR with SIEM, EDR, ticketing, and threat intelligence platforms
· Experience producing technical design and operational handover documentation
Key Deliverables
· SOAR solution architecture and design documentation
· Configured and integrated Splunk SOAR platform
· Implemented and validated automation playbooks
· Runbooks, SOPs, and formal handover to operations
Pay: QAR12,000.00 - QAR14,000.00 per month
Education:
Experience:
Language:
License/Certification:
Location:
Work Location: In person
© 2026 Qureos. All rights reserved.