As a SOAR Automation Developer, you will be part of the CYBER D&R Automation team. You need to possess an understanding of Indicators of Compromise, characterization and forensic engineering of compromised systems, operations security, compliance, mitigation, and analysis through tools that detect advanced threats.
· Develop automation playbooks using modern SOAR Platforms (for example, ServiceNow SOAR, Splunk SOAR, Swimlane) to support Security Operations
· Design and develop integration solutions to other security appliances such as Exabeam, Chronicle, CrowdStrike, and Splunk ES by leveraging the SOAR platform
· Test, customize and master APIs for off-the-shelf and common security and IT tools
· Maintain a solid understanding of the Cyber Security Operation Center (people, process, SIEM technology), goals, and security initiatives
· Identify and recommend operational improvements to the organization's Cyber Service, drawing on SOC operational experience and industry-specific knowledge of risks
· Manage any in-scope solution projects (integration/implementations)
· Manage communications with vendors, 3rd party service providers, organization's leadership, and client personnel when required
· Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
· Adhere to internal operational security and other organizational policies
· Contribute to team and organizational improvements in process and infrastructure