Security Orchestration and Automation Response Developer
Posted on Jul 21, 2020 by Request Technology - Craig Johnson
A prestigious Fortune 500 company is currently seeking a Security Orchestration and Automation Response Developer. The candidate is responsible for the delivery of all Security Orchestration, Automation and Response activities.
- Closely support and collaborate with other Security Operations Center teams to identify requirements, develop playbooks on the Phantom and Resilient platforms to meet those requirements, test playbooks, communicate and coordinate the release of playbooks with affected customers and stakeholders, then release the developed automations.
- Python development, credentials management, Firewall Change Requests, etc.
- Build strong partnerships with technical dependency teams
- Light project management
- Expert-level technical hands-on work
- Mentoring other platform engineers in OS, networking, IT operations
- Tracking and driving to completion all of the SOAR development focus group's deliverables
- Bachelor's and/or Master's degree or equivalent experience in Information Security, Engineering, Computer Science, or a related field
- Have 5+ years experience in application care: admin, patching, vendor support interactions, etc.
- Have 5+ years experience in network fundamentals mastery:
  - OSI/DoD network models
  - typical layer 3 and 4 protocols associated with IP
  - application layer protocol knowledge
  - stateful inspection firewalls, etc.
- Have 5+ years experience in security operations center related disciplines: threat intel, vulnerability management, penetration testing, incident handling (preferred), etc.
- 2+ years programming/software development: procedural and OO programming, scripting, RESTful/SOAP API. Most of our work is with Python, so Python programming is necessary.
- 5+ years SOAR development experience. Preferred candidates will be well versed in Splunk/Phantom.
- Outstanding customer service attitude and skill.
- Moderate familiarity with Splunk and Splunk Enterprise Security.
- Passion for constant self-improvement and learning
- Familiar with industry standard security best practices for information security and cyber security operations