Project overview
About the Role

This is an exciting remote contract opportunity for a SOAR Developer/Engineer. The role involves automating SOC Security Incident Response processes, developing custom applications for SOC workflows, and integrating the SOAR platform with other security tools and APIs.

Key Responsibilities

- Automate SOC Security Incident Response processes to analyze and resolve alerts from existing security tools.
- Develop and maintain custom applications for SOC workflows.
- Assist with process development and improvement for SOC, including creation/modification of SOPs, Playbooks, and work instructions.
- Integrate SOAR platform with other security tools and APIs to execute automated workflows.
- Author, test, and maintain automation scripts/workflows within the SOAR platform.
- Design, implement, and maintain efficient and reusable Python, JavaScript, and JSON code.
- Review, debug, and resolve technical issues throughout all stages of SDLC.
- Coordinate with system administrators and engineers to provision service accounts and/or grant required permissions.
- Actively mentor and train team members on SOC processes, governance, and frameworks.

Qualifications/Requirements

- 2 plus years of work experience in one or more Cybersecurity focus areas such as SOC or Network Security.
- Bachelor's degree in Computer Science, Information Systems, Engineering, or related field.
- Experience with SOAR platforms such as Swimlane, Phantom, XSOAR, etc.
- Experience in security process mapping, analysis, and improvement concepts, models, and best practices.
- Proficient in Python scripting.
- Working knowledge of REST APIs, JSON, HTML/CSS, JavaScript, XML.
- Experience authoring SOC SOPs, playbooks, work instructions, and/or other process documents.
- Experience with SIEMs, such as Splunk, XSIAM, QRadar, etc.
- Experience with Visual Studio.
- Experience in a DevSecOps environment.