Lead SOC Developer (SOAR)
Posted on May 15, 2020 by Request Technology - Robyn Honquest
Lead SOC Developer - Python Scripting and coding
Location: Northbrook, IL
Looking for a candidate to join Security Orchestration, Automation and Response (SOAR) for the Global Security Fusion Center. You will develop playbooks on the Phantom and Resilient platforms. BS or Master's, 5 plus years application care, admin, patching, OSI, DoD model, IPv4/IPv6, layers and protocols. 5 years SOC threat vulnerability management, penetration testing, incident handling, Python a must, Splunk.
- Closely support and collaborate with other Global Security Fusion Center teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to accomplish the requirements, test playbooks, communicate/coordinate the release of playbooks with affected customers and stakeholders, then release developed automations.
- Python development, credentials management, Firewall Change Requests, etc.
- Build strong partnerships with technical dependency teams
- Light project management
- Expert-level technical hands-on work
- Mentoring other platform engineers in OS, networking, IT operations
- Tracking and driving to completion all of the SOAR development focus group's deliverables
- Other duties as assigned
- Bachelor's and/or Master's degree or equivalent experience in Information Security, Engineering, Computer Science, or related field
- Have 5+ years experience in application care: admin, patching, vendor support interactions, etc.
- Have 5+ years experience in network fundamentals mastery:
  - OSI/DoD network models
  - typical layer 3 and 4 protocols associated with IP
  - application layer protocol knowledge
  - stateful inspection firewalls
- Have 5+ years experience in security operations center related disciplines: threat intel, vulnerability management, penetration testing, incident handling (preferred), etc.
- 2+ years programming/software development: procedural and OO programming, scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary.
- 5+ years SOAR development experience. Preferred candidates will be well versed in Splunk Phantom.
- REST, API, Phantom and SOAR