Automation Engineer- Jordan

Scope of Work:

• Develop and maintain automation scripts and tools to streamline security operations and response processes, reducing manual tasks and improving efficiency.
• Collaborate with cybersecurity analysts and IT teams to identify repetitive and time-consuming tasks that can be automated, such as alert triage, incident response actions, and reporting.
• Design, test, and implement automation workflows using scripting languages (e.g., Python, PowerShell) and automation platforms (e.g., Phantom, Ansible) to integrate security tools and systems.
• Work closely with the security engineering team to integrate and automate security scanning tools, vulnerability management systems, and other security solutions within the CSOC environment.
• Contribute to the continuous improvement of the security incident and event management (SIEM) system by automating the ingestion, parsing, and normalization of log data from various sources.
• Develop and maintain documentation for automation scripts, workflows, and procedures to ensure clarity and consistency in automated operations.
• Monitor the effectiveness of automation strategies and tools, making adjustments and updates as necessary to address new security challenges and operational needs.
• Participate in security incident response efforts, leveraging automation to accelerate detection, analysis, and remediation activities.
• Stay abreast of the latest cybersecurity threats, technologies, and automation best practices, incorporating innovative approaches into the CSOC's automation strategy.
• Engage in knowledge sharing and training sessions with CSOC team members to increase awareness and understanding of automation capabilities and benefits.