
DevOps


Job Description

SOAR Engineer

*** Supporting UK customers, so UK hours needed. ***

Overview:

The SOAR Engineer must have prior experience in Security Orchestration, Automation and Response (SOAR). The Sr. SOAR Engineer will be responsible for development efforts across internal and client environments related to the automation platforms Simplify & TORQ. The Sr. SOAR Engineer will work closely with Management, other engineers, architects, and clients to complete high-profile, critical services for Managed Services clients. You will be charged with staying in tune with client configurations, availability requirements, and requirements related to the delivery of all Managed Services. This includes, but is not limited to, detection and response, and platform management.

Requirements:

  1. Must have 2+ years of SOAR development experience, prioritizing client work requests, projects and service tasks (working with a variety of SOAR technologies), including:
    1. Strong Python, PowerShell and bash development skills.
    2. Demonstrated experience with the command line and shell scripting.
    3. Creating and maintaining documentation for all playbooks, scripts, integrations, etc., and reviewing complex SOAR runbooks.
    4. Assisting with the implementation of SOAR and other automation vendor technologies.
    5. Analyzing and identifying areas of improvement in the existing environment and documentation.
  2. Should have prior experience defining processes and procedures for internal projects.
  3. Familiarity working with third-party security tool integrations such as EDR, SIEM, SaaS, IaaS and IDaaS.
  4. Familiarity working with threat intelligence products for enrichment of detection and response alerts.
  5. Familiarity working in one or more areas including: Security Information and Event Management (SIEM), endpoint security products, email/phishing products, and case management/knowledge management systems such as ServiceNow.

General security knowledge (GIAC, CISSP, CCSE, CISA, HBSS, NSA, CEH, Cisco Security, Security+, or other security certifications).