SIEM SOAR Automation Engineer

Employer Active

1 Vacancy
The job posting is outdated and position may be filled
Job Location

Istanbul - Turkey

Monthly Salary

Not Disclosed

Job Description

Req ID : 2477967

Get to know us better

CodiLime is a software and network engineering industry expert and the first-choice service partner for top global networking hardware providers, software providers and telecoms. We create proofs-of-concept, help our clients build new products, nurture existing ones and provide services in production environments. Our clients include both tech startups and big players in various industries and geographic locations (US, Japan, Israel, Europe).

While no longer a startup (we have 300 people on board and have been operating since 2011), we've kept our people-oriented culture. Our values are simple:

  • Act to deliver.
  • Disrupt to grow.
  • Team up to win.

The project and the team

We are looking for an open-minded, logically thinking person who is passionate about new technologies and has a creative approach to solving problems. If you are eager to learn, if you like to design, deploy and troubleshoot network solutions, and if you want to automate repetitive work, we would like to offer you a great opportunity to grow with CodiLime. You will have a chance to join a team of specialists who know that every problem can be solved. We have already completed numerous projects in the field of networking, cloud or infrastructure automation and monitoring.

We are a team of DevOps, Network Engineers and Security Engineers with network automation experience who explore the world of SDN, NFV and work with top-notch cybersecurity solutions.

What else you should know:

  • Our engineers support projects from the automation development phase through solution deployment and integration to troubleshooting a working service
  • We collaborate closely with analysts, architects and developer teams
  • Our tech stack for the project includes various cybersecurity solutions, especially NGFW, SASE and SIEM

We work on many interesting projects at the same time, so we may invite you for an interview for another project if we consider your competences and profile suitable.

Your role

As a part of the project team, you will be responsible for:

  • Automating SOC processes to improve the efficiency and accuracy of alert handling
  • Cooperating closely with the technical lead to ensure that the playbooks created meet customer requirements and are in line with best practices
  • Sharing your knowledge and expertise during the design phase, ensuring the created playbooks are as concise and effective as possible
  • Cooperating with the technical lead to create a clear automation process for the customer's SOC
  • Sharing expertise around automation best practices and playbook design
  • Assisting customers in connecting their security tooling to Cortex XSIAM
  • Using the Cortex Marketplace
  • Creating playbooks that reflect design intent and customer requirements
  • Where required, demonstrating playbooks and explaining various tasks
  • Explaining and demonstrating the value of integrations, offering support and setup guidance
  • Cooperating with internal and external teams to ensure product adoption
  • Creating technical documentation detailing the SIEM aspects of the engagement

Do we have a match?

As a SIEM / SOAR Automation Engineer, you must meet the following criteria:

  • 4 years of deploying and integrating SOAR or SIEM to the enterprise and large enterprise level
  • Ability to define, create and automate the SOC process through the use of playbooks
  • Knowledge of a scripting language (e.g. Python, Bash) to develop advanced custom integrations and automations for use in playbooks
  • Strong understanding of security concepts, frameworks and compliance standards, with the ability to provide strategic guidance and recommendations
  • Advanced knowledge of APIs and ability to integrate SOAR or SIEM with a variety of security tools and infrastructure components
  • Knowledge in the field of incident response processes, including triage, investigation and remediation
  • Strong communication (written and verbal) and presentation skills, both internally and externally
  • Fluent English is our requirement. Knowledge of any other language will be an additional advantage
  • Relevant bachelor's degree or industry-recognized qualifications
  • Ability to read, understand and create technical design documentation
  • Willingness to work flexible hours (including maintenance windows in different time zones)
  • Please be aware that we process CVs written only in English / Polish, so kindly submit your CV in one of these languages

Beyond the criteria above, we would appreciate the nice-to-haves:

  • Knowledge of Palo Alto Networks solutions, especially Cortex XSIAM, XSOAR, XDM, Splunk
  • Experience with a version control system
  • Experience with automation tools

More reasons to join us

  • Flexible working hours and approach to work: fully remotely, in the office, or hybrid
  • Professional growth supported by internal training sessions and a training budget
  • Solid onboarding with a hands-on approach to give you an easy start
  • A great atmosphere among professionals who are passionate about their work
  • The ability to change the project you work on

Employment Type

Full Time
