Cybersecurity Lead

Colombo - Sri Lanka

Monthly Salary: Not Disclosed

Posted on: 15 hours ago

Vacancies: 1 Vacancy

Job Summary

Key responsibilities and Accountabilities

Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub Swimlane
Build API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platforms
Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms
Streamline incident response automation to improve efficiency reduce MTTR and enhance security event correlation
Design and maintain fault tolerant automation processes that scale across thousands of clients
Maintain and optimize CI CD pipeline infrastructure within a SOAR platform
Collaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilities
Lead migration projects to improve automation platforms ensuring seamless transitions without impacting security operations
Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflow

Must Have Skills and Experience

1 years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environment
Extensive experience working with JSON including JSON schema design manipulation parsing and API-based data transformations
Strong scripting skills in Python PowerShell or Bash for workflow automation
Proficiency in API development and integration including RESTful APIs JSON-based APIs and webhook automation
Experience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike SentinelOne Stellar Cyber Cortex XDR
Knowledge of incident response threat intelligence and security event lifecycle management

Nice to Have Skills

Experience in multi-client environments MSSP IR firms or security service providers
Hands-on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platforms
Certifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security AWS or Azure Security Certifications
Proficiency in using JQ filters for data manipulation
Familiarity with CI/CD pipelines such as Azure DevOps
Experience automating cloud security workflows (AWS Azure Google Cloud)
Familiarity with case management automation and cross-platform data normalization
Prior experience leading SOAR migration projects or developing custom security playbooks

Key responsibilities and AccountabilitiesDevelop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub SwimlaneBuild API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platformsExtensive...

Key responsibilities and Accountabilities

Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub Swimlane
Build API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platforms
Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms
Streamline incident response automation to improve efficiency reduce MTTR and enhance security event correlation
Design and maintain fault tolerant automation processes that scale across thousands of clients
Maintain and optimize CI CD pipeline infrastructure within a SOAR platform
Collaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilities
Lead migration projects to improve automation platforms ensuring seamless transitions without impacting security operations
Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflow

Must Have Skills and Experience

1 years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environment
Extensive experience working with JSON including JSON schema design manipulation parsing and API-based data transformations
Strong scripting skills in Python PowerShell or Bash for workflow automation
Proficiency in API development and integration including RESTful APIs JSON-based APIs and webhook automation
Experience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike SentinelOne Stellar Cyber Cortex XDR
Knowledge of incident response threat intelligence and security event lifecycle management

Nice to Have Skills

Experience in multi-client environments MSSP IR firms or security service providers
Hands-on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platforms
Certifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security AWS or Azure Security Certifications
Proficiency in using JQ filters for data manipulation
Familiarity with CI/CD pipelines such as Azure DevOps
Experience automating cloud security workflows (AWS Azure Google Cloud)
Familiarity with case management automation and cross-platform data normalization
Prior experience leading SOAR migration projects or developing custom security playbooks