Cyber Security SOAR Specialist

Job Responsibilities:

Cyber Security SOAR Specialist having experience with the following:

• Utilize strong scripting skills in Python to automate security tasks and processes.
• Design and execute API requests using Python to integrate various security tools and platforms
• scripting experience in (PowerShell, Bash).
• Apply knowledge of Security Orchestration, Automation, and Response (SOAR) concepts to enhance security operations
• Work with SOAR platforms such as Cortex XSOAR and IBM Resilient to streamline incident response and management
• Collaborate with cross-functional teams to identify and mitigate security threats
• Conduct regular security assessments and audits to ensure compliance with industry standards
• Provide technical guidance and support for security-related projects and initiatives
• Stay updated on the latest cybersecurity trends, threats, and best practices
• Participate in incident response activities and contribute to post-incident analysis and reporting
• Create and maintain detailed documentation of security processes, configurations, and integrations.
• Assist in the development and implementation of security policies, procedures, and protocols
• secure a system or device so it can't be tampered with.
• use a range of forensic tools and software to extract and analyze data.
• deal with highly sensitive or confidential data or images, depending on the type of case youre investigating.
• recover damaged, deleted or access hidden, protected or encrypted files.
• collect information and evidence in a legally admissible way.
• write technical reports based on your findings and, if required, give evidence in court as an expert witness.
• SOAR experience including playbook design and integrations.
• Strength in designing custom playbooks and the experience to act as a consultant for clients when designing the workflows.
• Understand customer requirements for SOC service and able to position the offering.
• Prepare proposals and respond to RFP for SOAR & SOC services.
• Ability to work independently with little or no supervision and result oriented.
• Able to execute instructions and to request clarification when needed.
• Able to exhibit ability to be sensitive to the needs, concerns, and feeling of others.
• Able to interact effectively with all levels of management.
• Strong application and infrastructure knowledge; e.g. Tomcat, PostgreSQL, SAML, IMAP, LDAP, Active Directory, SSO.
• Development Environment knowledge in Linux, bash shell programming, git, Gradle, virtual machines, Docker and Podman.

• Working knowledge of Networking concepts (firewalls, DNS, IP addressing, SSL/TLS and certificates).
• 
  Qualifications:
  
  
  
  • Bachelors Degree in Computer Science, Cyber Security, Information Systems or Business Administration.
    
  • Excellent written, verbal communication skills, ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills & excellent organization and interpersonal skills required
    
  • Proficiency in Python programming language
    
  • Strong knowledge of API requests and integrations using Python
    
  • Familiarity with SOAR concepts and platforms, specifically Cortex XSOAR and IBM Resilient
    
  • Experience in automating security workflows and processes
    
  • Knowledgeable in Windows Domain, network and multi-tier application architectures
    
  • Security software countermeasures
    
  • Persuasive with details and facts
    
  • Ability to work both independently as well as part of a geographically dispersed integrated team
    
  • Ability to balance multiple priorities in a fast-paced, highly collaborative, frequently changing, and sometimes ambiguous environment
    
  • Knowledge of how to use network management tools and packet captures to resolve operational issues
    
  • Familiarity with industry standard network management tools and common application traffic flow patterns in multi-tiered applications
    
  • Expert knowledge in the following technologies:
    
  • Microsoft Active Directory Services
    
  • TCP/IP Based Networking Principles
    
  • Microsoft / Linux Operating Systems
    
  • Firewalls and Perimeter Security
    
  • Proxies and Load Balancers
    
  • Intrusion Detection and Prevention Systems (IDS/IPS)