SOAR Engineer
Job Summary
Job Title: SOAR Engineer
Job Location: Ottawa, ON
Job Code: 39852
Job Schedule: Day Shift
Compensation Range: Between $85,500 - $135,500 CDN annually
Join our team as a SOAR Engineer and take the lead in designing, implementing, and optimizing our Security Orchestration, Automation, and Response (SOAR). In this role you will be the technical driver behind our security automation capabilities, responsible for building and refining workflows that detect, analyze, and respond to cyber threats with speed and precision.
As our SOAR Engineer, you will integrate a diverse set of security tools, APIs, and platforms, including open-source solutions like Shuffle, to streamline incident response and enhance our ability to counteract advanced threats. Your work will directly contribute to the resilience and agility of our clients' security posture, making you a key player in our mission to deliver unparalleled protection.
Essential Functions:
- Develop and deploy manually selected and automated security processes to detect, analyze, and respond to cyber threats. Create and optimize playbooks to standardize incident response and ensure consistency across the security operations center (SOC).
- Connect and orchestrate a wide range of security technologies, including SIEMs (e.g., Wazuh, Security Onion), firewalls, IDS/IPS, threat intelligence platforms, and ticketing systems, to create a unified and automated security ecosystem. Experience with open-source SOAR tools like Shuffle is a strong asset.
- Build and maintain automation scripts (e.g., Python, PowerShell) and workflows to eliminate manual, repetitive tasks, reducing response times and minimizing human error.
- Collaborate with security developers to identify gaps in current processes and develop SOAR solutions to address them, ensuring faster and more accurate threat mitigation.
- Oversee the configuration, maintenance, and optimization of SOAR platforms such as Shuffle, ensuring they align with our clients' security requirements.
- Provide guidance and training to security developers, operators, and other stakeholders on SOAR tools, playbooks, and best practices to foster a culture of automation and continuous improvement.
- Monitor emerging cyber threats and proactively update SOAR workflows and playbooks to address new attack vectors, ensuring our defenses are adaptive.
- Work closely with cyber developers, DevOps, and other security teams to ensure seamless integration of SOAR capabilities into broader security and operational frameworks.
Qualifications:
- Education: Bachelor's degree in Computer Science, Engineering, Cybersecurity, or a related technical field (or equivalent experience).
- Experience: 5 years of hands-on experience in cybersecurity with a focus on security operations, incident response, or SOAR implementation. Proven track record in designing and deploying automated security workflows.
- SOAR Platform Expertise: Experience with SOAR platforms such as Cortex XSOAR, Splunk Phantom, IBM Resilient, or open-source alternatives like Shuffle. Familiarity with Shuffle is considered a strong asset.
- SIEM Familiarity: Strong understanding of SIEM tools (e.g., Splunk, QRadar, ArcSight, Wazuh) and their role in security monitoring and incident detection.
- Scripting and Automation: Proficiency in scripting languages such as Python or PowerShell for automating security tasks and building custom integrations. Familiarity with automation tools like Ansible, Chef, or Puppet is a plus.
- Security Tool Integration: Experience integrating and orchestrating security tools, including firewalls, IDS/IPS, threat intelligence platforms, and ticketing systems.
- Problem-Solving: Strong analytical and creative problem-solving skills, with the ability to address complex security challenges.
- Communication and Collaboration: Excellent verbal and written communication skills, with the ability to mentor team members and collaborate effectively across departments.
Eligibility Criteria (Mandatory):
- Must be eligible for registration with the Controlled Goods Program;
- Must be eligible to obtain and maintain a Government of Canada Reliability status and Level 2 (Secret) security clearance.
L3Harris is proud to be an equal opportunity employer and is committed to treating all of its employees and job applicants with respect and dignity and to maintaining a workplace free from discrimination. Anyone applying for a position will be considered without regard to the following: race, national or ethnic origin, colour, religion, age, nationality, ancestry, ethnicity, gender, sex, sexual orientation, gender identity or expression, marital status, family status, genetic characteristics, disability, citizenship status, or conviction for an offence for which a pardon has been granted or in respect of which a record suspension has been ordered, or any other characteristic that is protected by applicable human rights legislation.
L3Harris maintains a drug-free workplace and conducts pre-employment drug and alcohol testing and background checks in accordance with applicable law. Such results are only accessible and viewed by individuals at L3Harris who have direct responsibility in the hiring process. If you fail to report for a drug and alcohol test, refuse to undergo such test, or test positive for the presence of drugs or alcohol, the hiring process may be concluded or your offer of employment may be rescinded in L3Harris' sole discretion.
This job is for an existing vacancy.
Required Experience:
IC
About Company
At L3Harris, we anticipate and mitigate risk with agile end-to-end solutions that meet our customers' mission-critical needs across all domains.