Lead SOAR Developer
Posted on Mar 17, 2020 by Request Technology
A fortune 500 company is on the search for a Lead SOAR Developer. This person will be a part of the company's global SOC team and will develop playbooks on the Phantom and Resilient platforms. This person will need experience with coding and Scripting and must have experience coding in Python. They will be working API interactions and REST. This role is revolved around automation and orchestration within the SOAR.
- Closely support and collaborate with other Global Security Fusion Center teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to accomplish the requirements, test playbooks, communicate/coordinate the release of playbooks with affected customers and stake-holders, and then release developed automations.
- Python development, credentials management, Firewall Change Requests, etc.
- Expert-level technical hands-on work
- Mentoring other platform engineers in OS, networking, IT operations
- Tracking and driving to completion all of the SOAR development focus group's deliverables
- Bachelors and/or Master's Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field
- Have 5+ years' experience in application care: admin, patching, vendor support interactions, etc.
- Have 5+ years' experience in network fundamentals mastery:
- OSI/DoD network models
- typical layer 3 and 4 protocols associated with IP
- application layer protocol knowledge
- stateful inspection Firewalls
- Have 5+ years' experience in security operations center related disciplines: threat Intel, vulnerability management, penetration testing, incident handling (preferred), etc.
- 2+ years programming/software development: procedural and OO programming, Scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary.
- 5+ years SOAR development experience. Preferred candidates will be well versed in >SplunkPhantom.
- Outstanding customer service attitude and skill.
- Moderate familiarity with Splunk and >SplunkEnterprise Security.