Sr. Lead SOAR Developer
Posted on May 9, 2020 by Tri-S Recruiters, Inc.
This person will be responsible for the delivery of all Security Orchestration, Automation and Response activities. A growing team of 4-6 playbook developers will rely on their lead for technical advice and guidance. The LM&A manager will rely on this individual as the single point of contact for all SOAR-related activities. This role reports to the Manager of Global Security Fusion Center (GSFC) Lifecycle Management & Automation.
Closely support and collaborate with other SOC teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to accomplish the requirements, test playbooks, communicate/coordinate the release of playbooks with affected customers and stakeholders, then release developed automations.
Python development, credentials management, Firewall Change Requests, etc.
Build strong partnerships with technical dependency teams
Expert-level technical hands-on work
Mentoring other platform engineers in OS, networking, IT operations
Tracking and driving to completion all of the SOAR development focus group's deliverables
Bachelor's and/or Master's Degree or equivalent experience in Information Security, Engineering, Computer Science, or related field
5+ years experience in application care: admin, patching, vendor support interactions, etc.
5+ years experience in network fundamentals mastery:
OSI/DoD network models, Ethernet, IPv4/IPv6
Typical layer 3 and 4 protocols associated with IP, and application-layer protocol knowledge
5+ years experience in security operations center related disciplines: threat intel, vulnerability management, penetration testing, incident handling (preferred), etc.
2+ years programming/software development: procedural and OO programming, scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary.
5+ years SOAR development experience. Preferred candidates will be well versed in Splunk Phantom.