Cyber security incident response & Soc response technology architect-6months-London
Posted on May 13, 2021 by Kirtana Consulting
Kirtana consulting is looking for Cyber security incident response &Soc response technology architect role for 6months rolling contract in London.
Minimum years of experience*:
- Minimum of 6+ years of experience in experience in SOC & SOAR tools specifically on Palo Alto XSOAR and Playbook customizations
Must Have Skills:
- Cybersecurity incident response & SOC Operations
- With IDS/IPS, SEIM, Endpoint solutions and technologies
Nice to have skills:
- Installation, configuration, and operation of high-end security solutions
- developing the Playbooks & SOPs (SOAR platform)
Top 3 responsibilities you would expect the Subcon to shoulder and execute*:
- Ability to configure custom dashboard
- Configuration of MTTD (mean time to detect) & MTR (Mean time to response) based metrics
- Provide support to the Security Incident Response Team and SOC in the effective detection, analysis, and containment of attacks, as well as researching potential IOCs and linking to intelligence
- Monitoring of security procedures and practices; recommend optimizations and improvements when gaps are identified
Any additional information you would like to share about the project specs/nature of work:
- Assist the SOC Monitoring & IR team in analysis and resolution of Major incidents.
- Escalate true positives to Incident status and assist in relevant incident response
- Collaborate with IR team to recommend and mitigate the effects caused by an incident.
- Perform technical cyber security investigations on security incidents, root cause analysis and deep dive analysis of malicious artifacts, analyze threat intelligence, identify TTP and attack patterns.
- Help mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.
- Work with clients to develop and deploy custom automations, playbooks and integrations on the XSOAR platform
- Engage with Product, Support and Engineering teams to resolve client issues efficiently and quickly
- Engage with clients to provide technical guidance on use case definition, workflow automation, migration, deployment, and usage of the XSOAR platform (CORTEX)
- Assist customers with their Incident Response efforts leveraging Cortex XSOAR for Security Orchestration Automation and Response.
- Learn & understand the customer's business requirements and the threat landscape that is most applicable to their industry's vertical sector
- Lead Cortex XSOAR technical implementation/operations in a customer environment
- Interact with Security and IT technologies relating to customer environment
- Ability to communicate effectively in crisis situations with all levels of an organization from Engineering/Operations to CIO/CISO audiences
- Ability to create documentation for Palo Alto Networks Cortex XSOAR playbooks
- Ability to refine and translate complex requirements and execute best practice solutions