Security Orchestration Automation Response (SOAR) Expert

Posted on Nov 25, 2024 by Talent Smart Limited
Home Based, United Kingdom
IT
1 Dec 2024
£600 - £600 Daily
Contract/Project

We are seeking a highly skilled and experienced SOAR Expert to join a security team and play a key role in optimising and automating incident response processes within a Security Operations Center (SOC). The ideal candidate will bring extensive experience in SOC operations, advanced knowledge of SOAR platforms, and a passion for improving security efficiency and effectiveness through automation.

Key Responsibilities

  • SOAR Platform Expertise:

    • Lead the design, implementation, and optimisation of Security Orchestration, Automation, and Response (SOAR) solutions.
    • Integrate SOAR platforms with existing security tools, such as SIEM, EDR, and threat intelligence platforms.
    • Develop playbooks and workflows to automate routine and complex security tasks.
  • Security Optimisation:

    • Analyse existing SOC processes and identify opportunities for optimisation through automation and orchestration.
    • Define and implement key metrics to measure the effectiveness and efficiency of SOAR implementations.
    • Ensure that security automation aligns with organisational policies, compliance requirements, and industry best practices.
  • Incident Response Automation:

    • Automate incident response processes, such as malware analysis, phishing investigations, and alert triage.
    • Build workflows to enhance threat detection, investigation, and mitigation capabilities.
    • Collaborate with SOC analysts and engineers to ensure seamless adoption and effective use of automation solutions.
  • Collaboration and Training:

    • Partner with SOC, IT, and DevOps teams to understand pain points and design appropriate automation solutions.
    • Train SOC analysts and other stakeholders on the use of SOAR tools and processes.
    • Provide subject matter expertise on security automation during incident response exercises and after-action reviews.
  • Innovation and Continuous Improvement:

    • Stay current with the latest SOAR technologies, security threats, and trends in automation.
    • Propose and implement innovative solutions to improve overall SOC performance.
    • Conduct periodic reviews of automated processes to ensure they remain effective and relevant.
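
The responsibilities above name phishing triage playbooks, threat-intelligence enrichment and effectiveness metrics without showing what one looks like. The following is an added illustration, not code from this posting, from Talent Smart Limited, or from any SOAR vendor: a small, platform-independent playbook that extracts indicators from a constructed phishing alert, enriches them against a hypothetical threat-intel set, scores the alert, picks an action, and reports an automation-rate metric. The Alert shape, the indicator sets, the score thresholds and the action names ("auto_close", "escalate", "contain") are all assumptions made for the example; a real Cortex XSOAR or Splunk SOAR playbook would replace the enrichment and containment steps with the platform's own integrations.

```python
"""Phishing-alert triage in the style of a SOAR playbook (added example).

Everything here is constructed for illustration: the Alert shape, the
hypothetical threat-intel sets, the thresholds and the action names.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Constructed threat-intel feed and allow-list (hypothetical, not real IOCs).
TI_BAD_DOMAINS = {"login-verify-example.test", "secure-update.example.invalid"}
TI_BAD_HASHES = {"deadbeef" * 4}            # placeholder MD5-length string
INTERNAL_DOMAINS = {"corp.example"}
LURE_WORDS = ("urgent", "password", "verify", "invoice")
URL_RE = re.compile(r"https?://[^\s<>\"']+")


@dataclass
class Alert:
    alert_id: str
    sender: str
    subject: str
    body: str
    attachment_hashes: list = field(default_factory=list)
    reported_by_user: bool = False


@dataclass
class Verdict:
    alert_id: str
    score: int
    action: str           # "auto_close" | "escalate" | "contain"
    reasons: list
    iocs: dict


def extract_iocs(alert):
    """Pull URLs, their hostnames and attachment hashes out of the alert."""
    urls = URL_RE.findall(alert.body)
    domains = sorted({h for h in (urlparse(u).hostname for u in urls) if h})
    return {"urls": urls, "domains": domains, "hashes": list(alert.attachment_hashes)}


def score_alert(alert, iocs):
    """Enrich against threat intel, apply simple heuristics, return (score, reasons)."""
    score, reasons = 0, []
    bad_domains = [d for d in iocs["domains"] if d in TI_BAD_DOMAINS]
    if bad_domains:
        score += 60
        reasons.append("known-bad domain(s): " + ", ".join(bad_domains))
    bad_hashes = [h for h in iocs["hashes"] if h in TI_BAD_HASHES]
    if bad_hashes:
        score += 70
        reasons.append("known-bad attachment hash(es): " + ", ".join(bad_hashes))
    sender_domain = alert.sender.rsplit("@", 1)[-1].lower()
    if sender_domain not in INTERNAL_DOMAINS and any(w in alert.subject.lower() for w in LURE_WORDS):
        score += 30
        reasons.append("external sender with lure keyword in subject")
    if alert.reported_by_user:
        score += 10
        reasons.append("reported by user")
    return score, reasons


def decide(score):
    """Map score to an action. Heuristics alone max out at 40, so only a
    threat-intel hit can reach the automatic 'contain' threshold."""
    if score >= 70:
        return "contain"
    if score >= 30:
        return "escalate"
    return "auto_close"


def run_playbook(alert):
    iocs = extract_iocs(alert)
    score, reasons = score_alert(alert, iocs)
    return Verdict(alert.alert_id, score, decide(score), reasons, iocs)


def triage_metrics(verdicts):
    """Effectiveness metric: share of alerts closed without an analyst."""
    total = len(verdicts)
    by_action = {a: sum(v.action == a for v in verdicts) for a in ("auto_close", "escalate", "contain")}
    return {"total": total, **by_action,
            "automation_rate": round(by_action["auto_close"] / total, 2) if total else 0.0}


# Constructed sample alerts (not real messages).
SAMPLE_ALERTS = [
    Alert("A-1", "it-support@secure-update.example.invalid", "URGENT: verify your password",
          "Click https://login-verify-example.test/auth within 24h", reported_by_user=True),
    Alert("A-2", "comms@corp.example", "Weekly newsletter",
          "Read more at https://intranet.corp.example/news"),
    Alert("A-3", "billing@vendor.example.invalid", "Invoice attached",
          "See attached.", attachment_hashes=["1" * 32]),
]

if __name__ == "__main__":
    verdicts = [run_playbook(a) for a in SAMPLE_ALERTS]
    for v in verdicts:
        print(v.alert_id, v.score, v.action, "; ".join(v.reasons))
    print(triage_metrics(verdicts))
```

The design point worth keeping when this is ported to a real platform: the "contain" branch, which would trigger mailbox purge or host isolation, is reachable only through a threat-intelligence match, never through keyword heuristics alone, so a noisy lure-word rule can at worst escalate to an analyst. The metrics function is the hook for the "key metrics" responsibility; in production it would be fed from the platform's incident records rather than from an in-memory list.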

Requirements

  • Technical Skills:

    • Hands-on experience with SOAR platforms such as Palo Alto Cortex XSOAR, Splunk SOAR (formerly Phantom), or IBM Resilient.
    • Deep understanding of SOC operations, including incident detection, triage, investigation, and response.
    • Strong programming and scripting skills (Python, PowerShell, Bash, etc.) for creating custom SOAR integrations and playbooks.
    • Proficiency in integrating SOAR tools with SIEM solutions (e.g., Splunk, QRadar, ArcSight) and other security technologies.
  • Security Expertise:

    • Comprehensive knowledge of cybersecurity concepts, including threat intelligence, malware analysis, and vulnerability management.
    • Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, and ISO 27001.
    • Experience in handling security incidents and implementing incident response methodologies.
  • Soft Skills:

    • Strong analytical and problem-solving abilities.
    • Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders.
    • Proven ability to work collaboratively in cross-functional teams.
  • Experience:

    • Minimum of [X] years of experience working in a SOC or similar environment.
    • Previous experience leading SOAR implementation projects is highly desirable.
    • Industry certifications such as CISSP, CEH, GIAC, or related credentials are a plus.

Preferred Qualifications

  • Experience with cloud-native security tools and SOAR integrations in cloud environments (AWS, Azure, GCP).
  • Knowledge of DevSecOps principles and CI/CD pipeline integrations with SOAR.
  • Familiarity with machine learning and AI use cases for enhancing security automation.

Reference: 2857403302

https://jobs.careeraddict.com/post/97345688

This Job Vacancy has Expired!
