Seeking a xSOAR Security Engineer! This position will support the our customer-s Security Engineering team to enhance their security tool integrations, automations, scripts, and playbook content for the SOAR platform. You'll be instrumental in maintaining and enhancing the security posture of vital systems. We are looking for a technical engineer to help maintain and support the xSOAR (Palo Alto Cortex) systems. Need someone with a demonstrated experience with SOAR tool suites that is resourceful in learning a very complex and dynamically changing network.
-Manage the xSOAR platform to included troubleshooting, patching and upgrades.
-Lead security automation playbook development from requirements collection to implementation.
-Write, test, and maintain automation scripts/workflows within SOAR platform.
-Design, implement, standardize, and maintain efficient and reusable Python.
-Translate conceptual CSOC\IR requirements into technical data and integration requirements for the SOAR platform.
-Deliver API solutions that streamline, simplify, and improve efficiencies for the Cybersecurity teams as well as other enterprise Business Units.
This position is a contract to permanent opportunity with our customer. Although primarily remote, there will be 1-2 meetings per quarter in our clients Reston VA or Wash DC office; at this time we are seeking candidates that reside in Maryland, Virginia, Washington DC or West Virginia and is eligible for FTE employment.
- Education Level: Bachelor's Degree. In lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
-Experience: 5 years professional experience in Cyber Security Engineering
-Demonstrated experience with SOAR tool suites, with an emphasis on Palo Alto Cortex SOAR
-Strong understanding of xSOAR
- Strong Python Scripting abilities - Required
-Strong understanding of CSOC workflows.
-Ability to communicate effectively with all levels of an organization from engineering, operations, and management.
-Experience working in or with security functions such as SOC, CIRT, security engineering, risk management, and vulnerability management..
-Demonstrated experience endpoint security, network security (Firewalls, IPS/IDS, DNS, Proxy, etc.), data and application security, cloud security and technologies.
Preferred:
-Certifications in SOAR or Splunk
-Experience with SPLUNK ES.
-RegEx experience.
-Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
Telecommute
1
Monday, April 1, 2024
Contract
6-12 month T2P
Tuesday, March 12, 2024
Know someone who would be a good fit? We pay for referrals!