Design and Implement SOAR Solutions: Deploy SOAR solutions to automate and enhance security operations workflows, focusing on increasing efficiency and operational effectiveness.
Develop and Maintain Scripts: Create, refine, and maintain custom scripts to automate routine tasks and enhance incident response capabilities, ensuring scripts are optimized for performance and reliability.
Design and Optimize Workflows: Develop and design detailed SOAR workflows and playbooks to streamline security processes, adapting them to address evolving security threats and operational needs.
Integrate Security Tools: Seamlessly integrate various security tools and systems—such as SIEM, EDR, and firewalls—with the SOAR platform to ensure effective data flow and interoperability.
Collaborate with SOC Team: Work closely with the SOC team to identify automation opportunities and design workflows that enhance response capabilities and address security challenges.
Troubleshoot and Resolve Issues: Diagnose and resolve issues related to SOAR platform integrations and automation scripts to ensure smooth and uninterrupted operation.
Review and Update Playbooks: Regularly review and update SOAR playbooks and workflows to ensure they align with the latest threat landscapes and organizational requirements.
Provide Training and Support: Offer training and support to SOC analysts on SOAR platform features, with a focus on scripting and workflow design, to ensure effective utilization and adoption.
Requirements
At least 3 years of experience in cybersecurity, with a focus on incident response and automation.
Hands-on experience with any SOAR platform.
Proficiency in scripting languages such as Python, PowerShell, or Bash.
Strong understanding of security operations, threat intelligence, and incident response processes.
Excellent problem-solving skills and attention to detail.