
SOAR Developer Engineer

Remote: Full Remote
Experience: Mid-level (2-5 years)

Offer summary

Qualifications:

3-5 years of security engineering experience, proficiency in the Python scripting language, experience with various SIEM technologies, understanding of security frameworks like MITRE ATT&CK, Agile development experience, knowledge of DevOps.

Key responsibilities:

  • Assess and improve SOC processes and workflows
  • Implement new SOC automation and ensure compatibility
  • Analyze, build, test, and maintain SOAR playbooks
  • Assist in engineering and deploying custom automation products
  • Develop integrations with 3rd party services and APIs
Deutsche Postbank Group Banking XLarge https://www.postbank.de/
10001 Employees

Job description


Your missions

Job Description:

RESPONSIBILITIES:

  • Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
  • Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
  • Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
  • Analyze, build, test, deploy, maintain and document new SOAR playbooks to extend the existing automation capabilities of the Cyber Security Teams.
  • Assist with the design, engineering, deployment, and maintenance of playbooks and custom automation products as threats change and new security tools and controls emerge. 
  • Develop integrations with 3rd party services and APIs. 

Qualifications 

  • 3-5 years of security engineering experience with SOAR, Security Operations, Incident Response 
  • Proficient in Python scripting language
  • Development of Build/Run processes to ensure systems are properly maintained and operating effectively 
  • Experience with various SIEM technologies (Sentinel, Splunk, Chronicle, etc.)
  • Understanding of security frameworks (MITRE ATT&CK, NIST CSF, etc.) 
  • Agile development experience 
  • Experience authoring security runbooks, policy, and best practice documentation 
  • Your credentials will also include a sound knowledge of DevOps, JSON, XML, REST APIs, Git, Jira, Bitbucket and Confluence

NICE TO HAVE SKILLS AND EXPERIENCE:

  • Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre and post-exploitation phases of attack lifecycles.
  • Experience using Python for the purpose of automating security operations and incident response processes.
  • Strong understanding of security architecture, tool integration, API development and automation.
  • Deep understanding of Incident Response processes.
  • Understanding of common SOC and SOAR processes and workflows.
  • SANS/GIAC, OSCP or similar certifications.
  • Hands-on experience with DevSecOps CI/CD pipelines

What we offer 

  • Rewarding work: we offer a purpose, a competitive income and promotions based on performance
  • Managers that empower your ideas and your decision-making abilities. You're encouraged to show your good vibe, determination, and open-mindedness
  • A professional, passionate, driven, but at the same time fun workplace. It is also flexible, including Work from Home opportunities
  • Medical providers to choose from with premium benefits for you and your loved ones
  • The better you feel, the better you work. We nurture you with a highly modern office that includes plenty of fun and relaxing areas to boost your creativity. We also facilitate plentiful retailer discounts, cultural and CSR activities, employee sport clubs, workshops & more.

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.

Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group.

We welcome applications from all people and promote a positive, fair and inclusive work environment.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry: Banking
Spoken language(s): Check out the description to know which languages are mandatory.
