Phoenix Cyber Tech Stack

Security services firm delivering incident response, SOAR, and threat hunting for enterprise and federal clients

Computer and Network Security · Scottsdale, AZ · 11–50 employees · Founded 2011 · Privately Held

Phoenix Cyber operates a services-led security practice built on Python, Bash, PowerShell, and a deep SOAR/SIEM stack (Swimlane, Splunk, Elastic). The hiring mix—security roles outnumbering engineering 25:11, skewed toward senior and mid-level—reflects a services delivery model where implementation and advisory drive revenue. Active projects cluster around automation (incident response, security orchestration, endpoint DLP integration) and detection (STIG development, rule tuning for IDS/SIEM), suggesting the firm is moving clients from manual triage toward operationalized response workflows.

Tech Stack 50 technologies

Core Stack: Python, C#, JavaScript, Node.js, Docker, Kubernetes, Linux, AWS, Elasticsearch, Kafka, Splunk, ServiceNow, Java, MongoDB, Bash, PowerShell, Swimlane, Google, Azure, Logstash, Kibana, Elastic Cloud on Kubernetes, Beats, SOAR, SIEM, DLP, AWS WAF, REST, SOAP, Git (+20 more)

What Phoenix Cyber Is Building

Challenges

  • Data loss prevention configuration
  • Email data protection design
  • Complex cybersecurity assessment
  • Automating incident response
  • Manual incident response
  • Reducing false alarms
  • Detecting anomalous activity in large data sets
  • Developing detection rules for IDS and SIEM
  • Security operations process enhancement
  • Secure data exchange

Active Projects

  • Custom plugin development
  • Endpoint data protection program
  • Security incident automations
  • Endpoint DLP design and integration
  • Incident response automation
  • Security orchestrations
  • Data ingestion pipeline
  • Security orchestration design
  • STIGs development
  • Software tool requirements

Hiring Activity

Steady · 40 roles · 15 in 30d

Department

  • Security: 25
  • Engineering: 11

Seniority

  • Senior: 17
  • Mid: 14
  • Junior: 3
  • Lead: 2

Notable leadership hires: Training Lead

About Phoenix Cyber

Phoenix Cyber provides security engineering, operations, and incident response services to Fortune 500 enterprises, federal government agencies, and service providers. Founded in 2011, the company offers a range of professional services including incident response, security orchestration and automation (SOAR), threat hunting, endpoint and data protection, cloud security, and strategic advisory. The firm holds CMMI Level 3, ISO 9001:2015, ISO 27001:2013, and ISO 20000-1:2011 certifications. Based in Scottsdale, Arizona, Phoenix Cyber operates with approximately 11–50 employees and maintains a steady hiring pace focused on senior security talent and specialized engineering roles.

  • Headquarters: Scottsdale, AZ
  • Company Size: 11–50 employees
  • Founded: 2011
  • Hiring Markets: United States

Frequently Asked Questions

What is Phoenix Cyber's tech stack?

Python, Bash, PowerShell, C#, and Node.js for development; Swimlane SOAR, Splunk, and Elastic Stack (Elasticsearch, Logstash, Kibana) for security operations; Docker and Kubernetes for orchestration; AWS, Azure, and Google Cloud for infrastructure; ServiceNow for IT service management.

What does Phoenix Cyber specialize in?

Security orchestration and automation (SOAR), incident response automation, threat hunting, endpoint and data loss prevention (DLP), SIEM deployment, cloud security, and compliance-driven security advisory. The company focuses on helping organizations operationalize security detection and response workflows.
