SOAR developer - Security Orchestration Automation and Response engineer
SOAR developer - Security Orchestration Automation and Response engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Division
Cyber Defense Center is part of the Chief Information Security Officer Office. The main responsibility of the team is to reduce the risk of Euroclear cyber threat surface by monitoring for malicious intent targeted at Euroclears services its supporting assets and people. We do this through the Cyber Threat Management (CTM) capabilities Security Operations Centre (SOC) which includes monitoring (Tier 1 & Tier 2 and Cyber Incident & Response Team (CIRT; Tier 3 Detection & Response Engineering Team (D&R Eng. and Compliance and Assurance Team (C&A). This includes cyber threat intelligence brand and digital footprint monitoring security incident and event monitoring cyber analytics incident management and forensic 1 VD2
CDC supports capabilities within the security domain and acts as subject matter expert across all divisions in the company as well as interacts with external stake holders including customers oversight bodies threat intelligence providers and third parties.
The Detection & Response Engineering team is comprised of
- Detection/System Network Engineers who implement and maintain threat detections.
- SOAR developers who develop responses such as playbooks automations etc.
Candidates in this role are responsible for the development and maintenance of the code and capabilities of the Security Orchestration Automation and Response (SOAR) platform.
Candidates will work with the Manager of Detection & Response Engineering and will work jointly with our detection engineering threat detection and response teams to specify clear priorities evaluate technical tradeoffs and build highimpact features within the SOAR platform.
The candidates main responsibilities will be to:- Focus on the development maintenance and delivery of new Security Orchestration and Automation content including custom SOAR Playbooks Automations/Scripts Jobs dashboards reports widgets RESTful API integrations and code via Continuous Integration / Continuous Delivery pipelines adhering to an Agile development practice
- Reduce Incident Response efforts and increase quality leveraging XSOAR for Security Orchestration Automation and Response (SOAR)
- Automate manual SOC procedures and develop implement and maintain playbooks
- Detail SOAR workflows scripts and develop test and debug code and use established code repository for tracking.
- Use python/other scripting languages to perform the customizations to develop the required automation.
- Work with the existing playbook framework and ensure the amendments are hooked accurately to the existing framework.
- Prioritize and coordinate backlog of SOAR integration and automation requests making sure we have a healthy balance between defect resolution and new features.
- Work in partnership with the incident response team to craft find opportunities for improvement
Technical Skills
- 3 year prior experience in a similar position
- Sophisticated knowledge of the Palo Alto Cortex XSOAR platform
- Ability to create documentation for Palo Alto Networks Cortex XSOAR playbooks
- Proficient in Python JavaScript and PowerShell are an asset
- Good understanding of REST/SOAP/WSDL/XML (Web services)
- Understanding of cybersecurity incident response procedures experience as a Security Incident Responder or SOC analyst is a plus
- Strong understanding of cybersecurity technologies protocols and applications
- Strong analytical skills to evaluate complex multivariate problems and find a systematic approach to gain a quick resolution often under stress!
- Strong problem solving documentation process time management and interpersonal skills.
- Ability to communicate sophisticated information concepts or ideas in a confident and wellorganized manner through verbal written and/or visual means.
- Passion and drive to work in startup division with potential of significant growth in scope and services
#LINS1
Employment Type
Full Time
