TC-CS-CDR-SOAR Analyst-Senior

Threat Detection And Response Consulting - Security Orchestration, Automation and Response (SOAR) - Senior

KEY Capabilities:

• Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
• Working with the customer to identify security automation strategies and provide creative integrations and playbooks.
• Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.
• Expertise in design and implementation of SOAR solution such as Phantom (Preferable), Demisto or Resilient
• Responsible for execution and maintenance of SOAR related analytical processes and tasks
• Manage and administration of SOAR platforms
• Hands-on experience with Incident Response and Threat Intelligence tools.
• Creation of reusable and efficient Python-based Playbooks.
• Use Phantom platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration
• Partner with security operations teams, threat intelligence groups and incident responders.
• Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in Splunk content development will be an added advantage
• Should have solid experience in the design/build, test, implementation, and maintenance of integration with other security tools and platforms
• Willing to learn new technologies and take up new challenges.  Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
• Knowledge in Network monitoring technology platforms such as Fidelis XPS or others
• Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others

Qualification And experience:

• Minimum of 6 years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated SOAR solution in global enterprise environments.
• Strong oral, written and listening skills are an essential component to effective consulting.
• Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
• Must have knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security and troubleshooting.
• Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc.
• Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field
• Minimum 3 years of working in SOAR
• Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix and Splunk will be an added advantage
• Certifications in a core security related discipline will be an added advantage.