SOAR Developer Engineer

Job Description:

RESPONSIBILITIES:

• Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
• Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
• Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
• Responsible for analyzing, building, testing, deploying, maintaining and documenting new SOAR (security orchestration and automation response) playbooks to extend the existing automation capabilities of the Cyber Security Teams. 
• Assist with the design, engineering, deployment, and maintenance of playbooks and custom automation products as threats change and new security tools and controls emerge. 
• Develop integrations with 3rd party services and APIs. 

Skills

• extensive experience of security engineering experience with SOAR, Security Operations, Incident Response
• Proficient in Python scripting language
• Development of Build/Run processes to ensure systems are properly maintained and operating effectively 
• Experience with various SIEM technologies (Sentinel, Splunk, Chronicle, etc)
• Understanding of security frameworks (MITRE ATT&CK, NIST CSF, etc.) 
• Agile development experience 
• Experience authoring security runbooks, policy, and best practice documentation 
• Your credentials will also include a sound knowledge of DevOps, JSON, XML, Rest APIs, GIT, JIRA, Bitbucket and Confluence 

NICE TO HAVE SKILLS AND EXPERIENCE:

• Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre and post-exploitation phases of attack lifecycles.
• Experience using Python for the purpose of automating security operations and incident response processes.
• Strong understanding of security architecture, tool integration, API development and automation.
• Deep understanding of Incident Response processes.
• Understanding of common SOC and SOAR processes and workflows.
• SANS/GIAC, OSCP or similar certifications.
• DevSecOps CI/CD Pipeline Hands-on Experience

Well-being & Benefits

• A healthy, engaged, and well-supported workforce are better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its center.
• Competitive salary
• 24 days’ holiday + loyalty days + bank holidays (weekdays offered for bank holidays on weekend days)
• Flexible working hours and working from home.
• Private healthcare and life insurance
• A culture of continuous learning with coaching and support from experts in your team

We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.